Credential Management Event alarms fire hourly from SQL Server database agents.
com.quest.glue.api.services.CredentialRejectedException: AccessIsDenied (0x5) while connecting as DOMAIN/USER to HOST.DOMAIN.COM. . Please ensure that the Remote Registry and Server services are running and the connecting user has permission to modify these registry keys: {72C24DD5-D70A-438B-8A42-98424B88AFB8}, {0D43FE01-F093-11CF-8940-00A0C9054228}. There may be multiple instances of each key, especially for 64-bit versions of Windows Server 2008 R2 and Windows 7. Each instance will need to be updated.
The SQL Server agent, from version 5.7.5.1 onwards, is now using Windows Remote Shell command to get the DBSS_Error_Log_List, DBSS_SQL_Server_Error_Log, and DBSS_SQL_Agent_Error_Log collections. Windows Remote Shell Command DCOM connection is a different type of connection that also uses DCOM (WMI)/WinRM apart from the usual WindowsInfoConnection that a DBSS agent makes to get the OS Collections.
The failed Credential Alarms occur when the DBSS agent cannot make the Remote Shell command and this is a valid alarm (when the 4 WinRM + 1 DCOM(WMI) connection attempts fail). WindowsInfoConnection may very well work but the Remote Shell command may fail, triggering the failed credential alarms.
SQL Server agents may be configured to use FALLBACK Error list collection query method, this attempts to make an OS connection using DCOM (WMI) to collect Error Log data, and then follows with a JDBC connection.
When the sufficient permissions have not been applied, credential alarms from each SQL Server agents may fire hourly.
Run the following groovy script to change the Error Log collection for all SQL Server agents from FALLBACK to JDBC. Knowledgebase article 4309796 details how to run a groovy script in the Script Console.
srvConfig = server["ConfigService"];
srvAgent = server["AgentService"];
namespace = "DB_SQL_Server"
agentType = "DB_SQL_Server"
def updateASP(primaryASP) {
primaryASP.setValueByString("ErrorLogListQueryMode" , "JDBC");
srvConfig.saveConfig(primaryASP);
}
primaryASP = srvConfig.getAgentTypePrimaryAsp(namespace, agentType);
updateASP(primaryASP);
def allAgents = srvAgent.findByAdapterAndType("FglAM", "DB_SQL_Server");
allAgents.each {agent ->
primaryASP = srvConfig.getAgentInstancePrimaryAsp(namespace, agentType, agent.getId());
updateASP(primaryASP);
}
return true;
def out = new StringBuilder();
def agentService = server.get("AgentService"); def configService = server.get("ConfigService"); def agents = agentService.findByAdapterAndType("FglAM", "DB_SQL_Server"); for (agent in agents) {
def primaryASP = configService.getAgentInstancePrimaryAsp(agent.getAgentNamespace(), agent.getTypeId(), agent.getId());
if (primaryASP) {
out.append(String.format("%s, %s: ErrorLogListQueryMode=%s\n", agent.getRemoteClientId(), agent.getName(), primaryASP.getString("ErrorLogListQueryMode")));
}
}
return out.toString();
Additional CRs: FGL-19666, SSDB-14323, SSDB-14324, SSDB-14325
Idea/Enhancement FGSS-I-32 was logged to ask that the "Error list collection Query Method" property value be set to JDBC by default.
© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center