We have an Azure SQL server. From some machines in our Azure subscription we cannot connect to our SQL server, but from other machines it's fine. From machines outside of Azure we have no issues at all.
The error thrown is
Login failed for user 'SQLAdminUser'
And the SQL log itself shows:
<login_information><error_code>18456</error_code><error_state>113</error_state></login_information>
Reproduction is very simple. From an affected machine, in Powershell, execute:
$sqlConnection = New-Object System.Data.SqlClient.SqlConnection "Server=tcp:ourdb-sql.database.windows.net,1433;Initial Catalog=SitesEE;Persist Security Info=False;User ID=SQLAdminUser;Password=[password]"
$sqlConnection.Open()
Exception calling "Open" with "0" argument(s): "Login failed for user 'SQLAdminUser'."
I don't see Error 113 documented anywhere on the official documentation. I'm assuming it's related to a VM somehow as other machines can execute that code without issues.
After a support call with Microsoft, they confirmed that Error 113 is a temporary firewall ban of the connections IP address.
We had a process that had an invalid password configured, and it got enough attempts wrong that the IP address got on a ban list. It kept retrying, so it stayed on the ban list. Every VM that used that outbound IP address was thus also banned.
Fixing the errant process cleared the ban within a matter of minutes.
Documenting that here in the hope that it can save someone else the hassle of opening a support ticket to find out something that should be public documentation.
Related
I'm new to using DPA - while monitoring some alerts, I found that we had repeated attempts for a "login failed for user 'domain\User': attempting to use an NT account name with SQL Server Authentication [CLIENT: local machine]"
After doing a bit of research, we have identified that the attempted logins were coming from a Task Manager Detail with a PID associated to SWJobEngineWorker2.exe that runs every 5 minutes, and everything I've found seems to be that this is related to NPM.
There are also 3 other Detail/Services that are constant: SWJobEngineSvc2.exe, and 2 instances of SWJobEngineWorker2x64.exe
We do not have any stored credentials in Solarwinds for this particular domain\User, and it doesn't appear that we're using AppInsights to monitor, and nothing seems to be failing, as DPA is monitoring the SQL server just fine.
How can I remove/change this process or adjust the credentials/connection settings it is using?
NOTE: There are NO services on this particular server that use this domain\User account and the only SW service running is 'SolarWinds Agent' using LogOnAs Local System, and there is nothing to uninstall from Control Panel.
SOLVED!
In Solarwinds, under the "Product Specific Settings > SAM Settings", the account 'domain\User' was attempting to use an incorrect Authentication Type and likely an incorrect password (not sure how long ago this was set up in our environment).
After changing the account and authentication type, we were able to quiet the false alerts.
I'm trying to follow the instructions on how to create a persisted connection to an Azure Storage File Share. However from my Windows 10 machine I cannot get the cmdkey / net use combination to work:
C:\>cmdkey /add:myaccountname.file.core.windows.net /user:myaccountname /pass:myaccountkey
CMDKEY: Credential added successfully.
C:\>net use \\myaccountname.file.core.windows.net\mysharename
System error 53 has occurred.
The network path was not found.
However if I provide the username and password in a single net use command it works correctly:
C:\>net use z: \\myaccountname.file.core.windows.net\mysharename /u:myaccountname myaccountkey
The command completed successfully.
So it doesn't look like a firewall issue.
Any ideas? Is there another port that needs to be open to allow the cmdkey scenario to work?
Error 53 usually means that port 445 is blocked. Check the firewall on your computer, and if you are in a corporate environment, ask your corporate IT guys if they are blocking it. Many common ISP's block that port as well. For example, I know it doesn't work on Comcast but I've heard Time Warner Cable does not block it.
I have made application ASP.NET C# and my connection string is as follows:
<add name="ASPNETDB" connectionString="Server=tcp:MYDATA.database.windows.net,1433;Database=MYDATA;User ID=MYDATA;Password=MYDATA;Trusted_Connection=False;Encrypt=True;Connection Timeout=30;" providerName="System.Data.SqlClient" />
Now it doesn't work at all, I mean I can't connect to my SQL server on Azure at all. When I want to login nothing happens, when I want to register nothing happens too. I get exception when I press to update DB, ie Publish->Settings-> Check box "Update database" Configure database updates . It seems to me that it doesn't work at all. The exception is of following type:
Error 22 Web deployment task failed. (Could not deploy package.
Unable to connect to target server.
Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_EXECUTING_METHOD.) 0 0
What should I do? Please help?
I would recommend logging into the azure management portal and re downloading the publish profile for the application. If you are not working using a publish profile , then at least re download the connection string that is setup for the app and the DB. while in there check that the application (web site or VM) is up and running, and that the database it is connected to is also up and running.
I had to set firewall rule 0.0.0.0 to 255.255.255.255. Even though my firewall rule was set for my address, somehow it didn't register, because communication was relying to my website-DB and ip address of my website wasn't included there too. So I put rule as said before and now it works like a charm. :-)
Here in this case, when a client is trying to access a particular URI, they are able to get a SUCCESS response for GET, but for the POST message, they are recieving a 500 error. Which is nothing but INTERNAL SERVER ERROR.
please look at the ERROR below:
Weblogic Bridge Message
Failure of server APACHE bridge:
Cannot open TEMP post file '/tmp/_wl_proxy/_post_1818_8' for POST of 3978 bytes
Weblogic Bridge Message
Failure of server APACHE bridge:
Internal Server failure, APACHE plugin. Cannot continue.
Eventually this was resolved after giving a 777 permission to /tmp/_wl_proxy and the client was able to access the page SUCCESSFULLY.
If this is a permission issue, then apache should throw 403 error, but i dont know why it was throwing 500 error.
if there is a internal server error, then both GET and POST response should be 500, So if anyone can answer this , it would be a great learning experience. Thanks..!!
You many not want to give Write to all (777) permission to /tmp/_wl_proxy directory. Check which userID apache is running under and only give writer permission to that userID.
This could be also with tmp directory full.
Here is what I did to solve this problem:
Go to weblogic management console (http://:7001/console)
Go to the server section, you will probably find one of your servers' status not running. This is what I found in my case;
Some features couldn't be run unless you have administrative privilege, I advice you stop all servers and re-run them as an administrator as you follow your servers status in the administrative console.
If the above doesn't work, something has to do with your either report or form server configuration is hindering the servers from starting up. In all cases you need to monitor the administration console.
I'm getting an odd problem with connecting to a server.
The server's logs read:
2013-05-21 11:18:24 [IP ADDRESS] HEAD /msdeploy.axd site=[SITE NAME] 8172 administrator [MY IP] - 401 1 1326 214
I am using the administrator account so I can't understand why it's not allowing access!
I am using VS2012 and Web Deploy 3.0 on Server 2008R2 x86.
UPDATE
When using the command msdeploy.exe -verb:dump -source:iisApp=<sitename>,username=administrator,password=<urpassword>,authtype=basic,computername=https://<yourserver>:8172/msdeploy.axd?Site=<sitename> -authtype=basic as suggested by #ShaikhOwais I get the following error:
Error Code: ERROR_USER_UNAUTHORIZED
More Information: Connected to the remote computer ("[COMPUTER NAME]") using the Web Management Service, but could not authorize. Make sure that you are using the correct user name and password, that the site you are connecting to exists, and that the credentials represent a user who has permissions to access the site.
"Make sure that you are using the correct user name and password" - yep.
"that the site you are connecting to exists" - yep
"the credentials represent a user who has permissions to access the site" - it's the administrator...
As stated in the comment above, you need to qualify the username with the domain to which your admin user belongs.
Your script should thus be:
msdeploy.exe -verb:dump -source:iisApp=<sitename>,username=
<DOMAIN>\administrator,password=<urpassword>,authtype=
basic,computername=https://<yourserver>:8172/msdeploy.axd?Site=<sitename>
-authtype=basic
It happen with me and it was share permissions issue that time
Can you try "net use \server\c$\path\to\fodler" and see if you can access this directory?
If it does not help can you please reply -
Are you getting first time this error ? was you able to web deploy on the same server earlier or you are doing first time with this server ?