Service account locked out for Foglight very frequently. No credential has been found with an incorrect password.
SQL Server agents are configured to use Error list collection query method: FALLBACK.
Violation Report shows the following information (edited for security):
This seems to be caused by the JCIFS library used for Error list collections by the SQL Server agent.
The Violation Report shows an entry for hosts called JCIFS210_250_EA which is consistent with this Microsoft discussion. In this example 210 and 250 represent the last two octets of the FglAM IP address, and EA represent two arbitrary hex digits as per this format: JCIFS000_000_XX.
1. Run the script documented in KB 156825 from script console.
2. It should list a few agents using FALLBACK, which is to be avoided. If so, run the next script: SQL error log list FALLBACK to JDBC.groovy to change the Error Log list collection configuration for all of the existing agents to JDBC.
3. Run the script from step 1 to check that none of the agents show up with FALLBACK.
4. Disable all SQL Server Agents
5. Confirm the service account is unlocked
6. Enable the agents.
7. Monitor for a few hours to verify if issue is resolved. If it's not, continue to option 2.
© ALL RIGHTS RESERVED. Feedback Conditions d’utilisation Confidentialité Cookie Preference Center