When attempting to add a SQL PI extension to a SQL Server PI repository database Active Directory (AD) Windows authentication, a message stating at the domain service account failed to connect from an untrusted domain and cannot be used with integrated authentication appears.
[Foglight][SQL Server JDBC Driver][SQLServer]Login failed. The login is from an untrusted domain and cannot be used with Integrated authentication.
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
In the latest 8.2 JDBC driver, Microsoft has fixed this.
CAUSE 1 NTLM Security
WORKAROUND
Turn off NTLMv2 session security
Users can restrict and/or disable NTLM authentication via Group Policy. It's located in Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options, and the options are listed as "Network Security: Restrict NTLM:"
STATUS
This issue has been logged as PIFOG-692 and has been fixed in the 5.9.5.15 and higher releases of the SQL Server and Oracle cartridges.
The latest version of the 5.9.5.16 cartridge can be downloaded from KB 289910.
CAUSE 2 Port blocked
Ensure that the SQL Server connection port is open on any firewalls between the FMS, FglAM, and SQL Server repository server.
© 2021 Quest Software Inc. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy