We help IT Professionals succeed at work.

SQL Server 2012 Login failed for user 'NT AUTHORITY\SYSTEM'

19,591 Views
Last Modified: 2013-10-15
so i installed SCOM 2012 the other day, and i was getting errors on from my SQL server that the SPN was not set.

so, i go and set the SPN.....  setspn -A MSSQLsvc/servername:1433

It successfully registered the SPN.

then, no one could access the server,  and SharePoint gave an error that it could not connect to the configuration database.

Removing the SPN through adsiedit, fixed the problem,  but we are getting additional errors in our SQL logs,  

Login failed for user 'NT AUTHORITY\SYSTEM'  reason: failed to open the explicity specified database 'dbname' [client IP:  which is the sqlservers ip]

the SQL trace logs, show the same type of error,  but specifiy the Windows script host as the application name

this has been going on for a few days, and to my knowledge nothing has changed in AD

when i run this query
SELECT auth_scheme FROM sys.dm_exec_connections WHERE session_id = @@spid ;

the response comes back as NTLM

any ideas?
Comment
Watch Question

What service is believed to be trying to connect to the server and asking for that DB?  Is it possible to run it as a named user rather than as SYSTEM?  If you run it as a named user, e.g. MyAppUser, setting permissions for it on the DB should become simpler.

Author

Commented:
i am not totally sure,  the ip address that the login failures are coming from are all local

when i look at the "user mapping" for nt auth, it shows only a couple of DB;s that are mapped to the login,  

it shows:  
sharepoint admin
sharepoint config
wss content

looking at it closer, it looks like it is failing on the Masterdb,  so i added that to the user mapping

the errors seem to come every 15mn,  so i will check back in a little bit to see if they continue.

Author

Commented:
this is what the errors in the trace log were


Audit Login Failed      
SYSTEM      NT AUTHORITY
SRV-*      
5836      
Microsoft ® Windows Script Host      
NT AUTHORITY\SYSTEM      
115      2013-10-10 11:21:11.997      
1 - Nonpooled      0            0      3945            
domain\SRV-*$            
Login failed for user 'NT AUTHORITY\SYSTEM'. Reason: Failed to open the explicitly specified database 'DQS_MAIN'. [CLIENT: 10.*.*.*]      1      
38      18456      master      1 - Non-DAC

Author

Commented:
Still getting the errors

Author

Commented:
Date            10/10/2013 2:21:18 PM
Log            SQL Server (Current - 10/10/2013 2:06:00 PM)

Source            Logon

Message
Error: 18456, Severity: 14, State: 38.
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
I did the research and figured it out
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.