When attempting to add a SQL PI extension to a SQL Server PI repository database Active Directory (AD) Windows authentication, a message stating at the domain service account failed to connect from an untrusted domain and cannot be used with integrated authentication appears.
[Foglight][SQL Server JDBC Driver][SQLServer]Login failed. The login is from an untrusted domain and cannot be used with Integrated authentication.
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
In the latest 8.2 JDBC driver, Microsoft has fixed this.
CAUSE 1 NTLM Security
Turn off NTLMv2 session security
Users can restrict and/or disable NTLM authentication via Group Policy. It's located in Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options, and the options are listed as "Network Security: Restrict NTLM:"
This issue has been logged as PIFOG-692 and has been fixed in the 18.104.22.168 and higher releases of the SQL Server and Oracle cartridges.
The latest version of the 22.214.171.124 cartridge can be downloaded from KB 289910.
CAUSE 2 Port blocked
Ensure that the SQL Server connection port is open on any firewalls between the FMS, FglAM, and SQL Server repository server.