An error occurred during Service Master Key decryption - sql

I am relatively new to SQL so will try explain as best I can.
All servers are SQL Server 2012
I currently have a database which has two Linked Servers to access two other databases.
From these 3 databases I have setup 5 view which are referenced in a stored procedure.
When trying to run the stored procedure it was failing, I opened the procedure and tried to run it manually to see what the issue was and received the below error:
Msg 33094, Level 16, State 1, Line 16
An error occurred during Service Master Key decryption
I then tried breaking it down and found that I was receiving this error when trying to reference the views that where using the Linked Servers.
I tried simple selecting the top 1000 rows of these views and strangely enough it will return the values 1 out of 5 times and give the above error the rest of the time.
I've tried Googling the issue but a lot of the issue are referenced when a database has been restored or moved, nothing of the sort has happened with mine.
it was suggested to run the below to see if there was an error and I've had none.
ALTER SERVICE MASTER KEY REGENERATE
edit:
I've also created a new accounts and relinked both servers in an attempt to test/fix the issue.
The accounts are SQL Server Authenticated accounts with db_datareader rights to the databases
Can anyone suggest what I should perhaps look at, I'm a little lost.
Thanks in advance for any help or advice.

We have the same setup and had exactly the same problem on some of our servers and we narrowed it down to a recent Windows patch, KB3004375 ("Update to improve Windows command-line auditing"). After removing this security patch, there are no more errors.
I can elaborate more if needed.

Related

Unable To Bring Online Any Database On A Server

Over the weekend my Dev server experienced a very interesting issue. I have a scripts that periodically take several databases offline, and then bring them back online again. They ran, and took all the specified databases offline, but then failed to bring them online again, the specified error message was:
Msg 5011, Level 14, State 7, Line 4 User does not have permission to
alter database 'XXX', the database does not exist, or the database is
not in a state that allows access checks. Msg 5069, Level 16, State 1,
Line 4 ALTER DATABASE statement failed.
This doesn't seem right to me as they we're run from a user account that has the following properties set:
I further validated that it wasn't a permissions issue by logging on to that server, running SSMS as an Administrator and logging in with my windows credentials (also a admin account) and executing the following SQL on the offline database:
USE [master]
GO
ALTER DATABASE [XXX] SET ONLINE
GO
With the same results...
I've looked at the SQL logs for more details about the specific error, however there are no entries associated with this issue. I can reproduce this issue on every database on this particular server. The only way I've been able to get the databases online is by de-attaching and reattaching them.
Most other stack overflow tickets involving this error message are specific to one database or a specific user account. My issue spans all databases and all admin users I've tried so far, also my issue occurred on a script that had previous worked fine on this server and account, clearly something has shifted over the weekend that is causing this query to now fail. I wonder if anyone else has experienced this issue before?
Update 1
This post talks about how file security can trigger this error message, I granted full access to the user group on one of the databases, then reran the online command, no luck. My SQL Server service is running under a service account that is part of the "Administrator" user group and has full access to all database files.
Update 2
All sorts of interesting idea's put forward here, also discussed here. Lots of commands and ideas on how to repair damaged databases with a several combinations of repair like SQL command, unfortunately none of them work in my situation, they either won't run on offline databases, or after detach and reattachment do not report any errors. Of course, there are always a number of posts simply insisting that the solution is permission based and that running: GRANT ALTER ON DATABASE will resolve all issues. For my admin user account it shouldn't make a difference, but it's a moot point as I can't even run that command on a offline database...
Finally tracked down the issue, apparently we had a completely unrelated SQL database instance on the same server in recovery mode. While it was recovering we we're unable to bring any offline instances online. Detach/re-attach would work, and we could restore the database just fine, but just not set it online.
The separate database finished recovering and we are now able to run the command without issue. I suppose in the future, if I don't care about the database that's in recovery(which I often don't) I'll following the linked steps to get rid of it, before restarting SQL Server and proceeding:
Stop SQL Server
Delete MDF + LDF
Start SQL Server
Restore (may need to drop first, comes up suspect)

Azure SQL Server Database creation not working correctly

I have Azure and I just upgraded to the Pay-as-you-go option as I though being on the trial might be causing my issue, but it persists.
I try to make a database in SSMS and I get this error saying I don't have the right subscription:
The reason I want to do it from SSMS is because when I try to add the database through the azure portal it doesn't show up in the sys.database table:
One of my databases is dependent on another and can't find it when trying to add a stored procedure because it doesn't seem to be registering correctly with master.
What is going on and how do I fix it?
I figured it out. When making a new database you need to go to options and change service level to basic.

Azure SQL Server Can't create table

A couple of weeks ago, I acquired a SQL Server database and started to develop my application with it with no problems since then.
Today, out of nowhere, I got this error:
Msg 262, Level 14, State 1, Line 1
CREATE TABLE permission denied in database 'master'.
This error is shown everytime I try to create a table, I tried SELECT, it works fine. I'm trying to understand what is wrong for hours, I only have one user, which I created when I setup the database for the first time, and I checked it's permission, it shows that I have permission to create a new table.
Also, everytime I connect to it with Management Studio 2016, it asks for me to add my IP, so I know that's not the issue.
I really have no idea how to continue from here, everything I found online people talk about granting permissions which it doesn't seems to be what is happening here, since I checked my permissions.
Any other thoughts?
The error says,You don't have permission to create table in master database..try creating in your database..
You can't create table in master database in SQLAzure.Master database in SQLAzure is readonly and is there, to hold information about roles,logins..
Check out this question as well:Please explain SQL Azure "master" database

MS SQL Server - Database Sysobject table missing permissions?

I'm going trying to fix an issue that is burning and I've spent the last day without success.
I have a database server running SQL Server 2008, one database and one stored procedure.
The stored procedure logic contains the following sentence:
IF EXISTS
(
SELECT *
FROM dbo.sysobjects
WHERE id = OBJECT_ID( '<StoredProcedureNameHere>' )
AND OBJECTPROPERTY( id, N'IsProcedure' ) = 1
)
BEGIN
-- Do something here
END
Now, the issue:
If I run a query from the Management Studio script to execute the stored procedure under investigation it works correct and executes the "-- Do something here" logic.
However, exactly the same stored procedure invoked from a web service does NOT work.
I disabled for testing the entire IF EXISTS(---) block and retrieved information is the correct one.
My preliminary conclusion is there should be any permission setting ( I'm obviously not aware of ) configured for my user account over the database (and thus on sysobject table ) allowing me to successfully get the information that is NOT in place of the user account used by the web service to access the database.
Anybody knows any standard setting I should validate to have this working ?.
Hint - Both database and web service components were perfectly working. All this kind of issues started to come up right after the database server crashed and Operations teams needed to rebuild the database server. On asking about the state of the databases, they said they were able to backup the database and they must work as restored right after the new server was build.
Any assistance will be greatly appreciated.
Thanks,
Fortunatelly the issue was cleared out after Operations Team figured out the configuration for the domain account being used by the web service was incorrect. Couple of days looking for something that should not be an issue if the Config wiki page would be followed up step by step (everybody complains when there is no docu, but when it is available there is not being used at all ).
Anyway,if you had the same issue make sure to check the user info has enough privilegies to execute the stored procedure.
Hope this helps somebody else.
Thanks,

"Transactional publication with updatable subscriptions" - gives error - "The distributor has not been installed correctly"

I am new to replication. I have two sql server 2008 servers running on windows 2008 R2. The servers are in two different locations and on two different domains. I have been able to use aliases to get both "Snapshot publication" and "Transactional Publication" working perfectly. But what I need is "Transactional publication with updatable subscriptions" so if a change is made on either server, the changes are replicated to the other server.
When I run through the New Publication, I get through every page to the very end with no problem but when I click the finish button I get an error. There are three actions and it fails on the first action called "Creating Publication 'xxxx'" The message I get is "SQL Server could not create publication 'xxxx'. an exception occurred while executing a Transact-SQL statement or batch. The distributor has not been installed correctly."
I have searched for an answer and cannot find it. I think this is a permission problem between the two servers but I have no idea how to solve it.
Any help would be appreciated.
In my experience the installation of different types of replication over the top of one that was previously implemented can cause issues.
If able I would suggest clearing all replication and starting from scratch with your new approach.
You have to run a variety of stored procedures to get it completely off the server. Using the GUI only doesn't do nearly as good a job of cleaning everything off.
This guide from Microsoft should get you started.
http://msdn.microsoft.com/en-us/library/ms152757.aspx