I'm somewhat stuck. We have a database server which was set up and configured by a third party. It's for a third party product so unfortunately we're stuck with the way they've configured it.
Their brilliant configuration includes using the sa account to make a number of connections. For about a week now we've had connection failures filling up all our event logs, two every ten seconds. I have managed to identify that it is the master database this login failure is for.
It's definitely the sa account accessing the master database. It is not an incorrect password (which is good, because we don't know the sa password - and neither does the vendor, it seems. Yay...) because we're getting error state 16 so I believe the sa account has some problems with the master DB.
It's connecting to everything else without problem - I can see the connections made to all other databases successfully. I have checked the sa account permissions and I really can't see anything wrong. I'm at the point of restoring the master database from a backup two weeks old and wanted to open this up to you awesome people out there in case any of you have come across this before and have any alternative suggestions...
Yours hopefully...
Summer
Edit: added a screen shot of my error below:
Well my first suggestion would be get the third party vendor in there to reconfigure and fix. They made the mess, let them clean it up.
Restoring the backup might work but it is critcally important that you 1. change the sa password and 2. do not allow the software to connect using sa. I would make this a deal-no deal item with the vendor. The vendor though is terminally incompetent if they did this and I would seriously be looking at their competition to replace this badly designed system.
Related
I am trying to create some local user accounts in Windows 10 on my home PC. I can go through the wizard ok, but when I try to login to the accounts I get a message similar to 'user profile service failed the logon'.
The whole story is this:
I want to add a SSD drive to my system (Dell Tower, I do not remember the model). So following some advice, it was suggested to move my user files to another drive so the SSD drive would only have the OS and programs on it. Plus this would keep my SSD required size smaller.
So I started to move my user files using the "Location" tab for the "My Documents" and similar folders to my other drive. This all appeared to work okay.
I then selected my wife's folders but I could not since I was not logged under her account, fine. I logged out of my account and attempted to log into her account (we both have administrator rights). That is when I received the 'user profile failed' message.
I have third account on the system, another admin account, and it too failed. Windows seems to be accepting the passwords, just failing further into the login process.
I logged back into my account and my desktop is completely different, there are only 3 icons there now instead of the ~20 I had before, so something with the 'move' failed? I'm not sure. I moved the files back to the default location and that did not help. I googled the 'user profile service failed' message and it seems this happens often enough that there are fairly detailed instructions about how to fix it.
The one fix was to examine the registry (this was from support.mircosoft.com) HLM\Software\Microsoft\windows nt\CurrentVersion\ProfileList and 'simply' remove the '.bak' suffix from entries that match the accounts that are broke. Set some other values to 0. In my case the values were not present in the values list.
I did this and it did not help. I did reboots at various times throughout this process, but those did not help either....
So I tried to create a new account(s), but no matter how I created the account I could never log into the account. Right now, I have only one account that I can log into.
I have not tried the "net user" command as I have just found some information about here at work. I did have to use that program to reset my account's password recently. I have used the same password at home for years, so I do not know how it changed. Luckily, my wife's account still worked at that time and it was an administrator account. So maybe that was some indication that the 'user subsystem' was failing in someway.
This PC is seldom connected to the Internet, only for Windows updates or downloading a program, like "Open Office", Paint.Net type of things. We mainly use an older XP machine for computer work and a tablet for surfing the 'net. The computer is 'new' to us and we have not migrated our files to it. In fact the PC is seldom used at all and powered off for months at a time. I am pretty much the only person that even uses the system, my wife went through a "Dummy's for Windows 10" book and decided it was too different to really bother with learning a whole new thing.
I will try 'net user' tonight to add another account and see if that helps.
Thanks for any hints or suggestions.
I'm not 100% sure what's happened, but it looks like the accounts are probably corrupted. You can do it, but Windows much prefers to have the user profiles on the same drive as the installation itself. Moving them entirely may be the cause of the issue.
(For future reference, If you want to copy user accounts across to a new SSD, it's always best to start here: C:\Users\xxxxx). xxx being your userID. If you would like to use it as your primary C:Drive for Windows - I would advise just a clean install.
You could try a couple of things at this point. (Make sure you're connected to the internet if you can)
First, try just making sure your connected to the internet and run all the updates you can. The profile service may just be corrupted and Win10 especially might just need an internet connection to sort it automatically.
Try booting into recovery mode, and run a system restore back a few days. The files may not return but it might fix the profile issues.
If you can still login to your wifes profile, use this tool (after backing up your files) to clear out all the old profiles.
Net user will likely just enable the hidden admin account, and would not be all that useful if your wife's account is already and administrator.
Problem: I created 10 AlwaysOn Availability Groups with SQL Server without a problem. Suddenly, it stopped worked and I kept getting this ONLY on the "create the listener" part:
Msg 19471, Level 16, State 0, Line 9
The WSFC cluster could not bring the Network Name resource with DNS name 'L_MyListener' online. The DNS name may have been taken or have a conflict with existing name services, or the WSFC cluster service may not be running or may be inaccessible. Use a different DNS name to resolve name conflicts, or check the WSFC cluster log for more information.
Sometimes I also got Msg 19476. This was all maddening because one moment I was creating listeners and availability groups, feeling like a guru, and then everything stopped and I lost hours of time.
So how do you solve this? Of course, Microsoft's own suggested text in the above error description was NOT helpful.
Apparently, each listener is really creating a mini "computer" in Active Directory if you look. And... here's the kicker, a domain user can only join a computer to a domain a limited number of times and that default is 10. Who would have thought that adding listeners equates with joining users to a domain!???! Microsoft really should have made this listener thing more intuitive, at least in their description text of possible problems.
Well, on your Domain Controller, open ADSI Edit, configure it the first time to look at your default naming context of your domain, like "DC=yourname..." with the CN= rows below that. Now, right click on the "DC=" line, choose Properties and navigate down to ms-DS-MachineAccountQuota and increase the limit from 10 to something else like 100.
You may need to run "GPUPDATE /FORCE" on the SQL Servers where you want to try again to add the listener. You may also have to clean up the mess it left (i.e. delete and restore the bad attempt at setting up your group and listener) before you try again.
With SQL Server 2016 supposedly going to require each database be in its own group, with its own listener, people will hit this limit of 10 quite easily!
I hope this helps you. If so, please mark this as the answer on the left. Of course, there are other reasons why people may get this error, as in the Microsoft error now but this whole post is for people who had it working just fine and then suddenly it stopped.
My problem is like this: I had a copy of SqlServer 2012 installed on my machine. It's been there for over 3 years without any glitches at all. Just 4-5 days ago, a problem sprouted up. When I started Management Studio it told me that
msdb got corrupted so it cannot be opened.
The complete message is something like this:
Cannot display policy health state at the server level, becuase the user doesn't have permission. Permission to the database msdb is required for this feature to work correctly.
So what could be wrong here? What sudden changes/anomalies could have crept in that has made this unstable? Someone told me it could be due to a wide range of possibilities. The reason could be anything. Even some nuget packages affect the database. Initially I though this could have been an issue with login, permissions etc. So I tried to run as administrator also. No, it did not cure this problem. If you try to create a new database it simply tells me, that I can't do it. The message is something like this:
An exception occurred while executing a T-SQL statement or batch.[Microsoft.SqlServer.ConnectionInfo]. Database msdb cannot be opened. It has been marked as SUSPECT by recovery. [Microsoft Sql Server, Error:926]
How do I recover from this? Can you provide me some guidance? Or a clue where precisely to look for the hints of problem? All my work is stalled. Any kind of assistance in recovering my ailing sqlserver installation will be humbly received.
So, I'm requesting you all to show me the way.
Thanks in anticipation.
I fixed mine with Solution C from the following website. my MSDB was corrupt and not loading so I stopped the services and replaced it with the files from the template in the SQL Server directory.
https://www.mssqltips.com/sqlservertip/3191/how-to-recover-a-suspect-msdb-database-in-sql-server/
"The templates are saved in "C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Templates" (the path varies by version and install choices, this is the default for SQL Server 2012). By shutting down the instance and replacing the bad MSDB data (msdbdata.mdf) and transaction log (msdblog.ldf) files with the template files I was able to restart the instance without error!" (just incase the website link doesn't work I have quoted it here).
Fissh
If your MSDB is corrupted, restore from your most recent backup. That's the safest thing to do and that's why we have backups to begin with.
If you do not have a backup of MSDB, you have a couple of options.
Recreate it. Detailed instructions here: https://msdn.microsoft.com/en-us/library/dd207003(v=sql.110).aspx#CreateMSDB. This is the best way to ensure you get a clean, functional MSDB and is the fastest way to get up and running again. IMPORTANT: Doing this means you lose all jobs, backup history, etc... that is stored in MSDB. Remember to recreate all maintenance jobs after you're done else you're just waiting for the next thing to fall over (e.g. transaction log backups no longer run, tlogs grow till you run out of disk space - now you can't run any queries that will commit transactions).
DBCC CHECKDB WITH Repair_allow_data_loss is another option which you'll probably find if you google/bing the issue. This might work but it is not recommended. The problem is you don't really know what will be lost. It works by deleting what it can't read then fix the links to get the database physically functional again. Once that's done, you'll have to go back and figure out what remains and is still functional. That is tedious and error prone. Besides, if you're gonna do this very thorough manual check to ensure all your jobs are intact, you're better off just re-creating them on a new, clean MSDB.
SQL Server 2005 DBMail.
I had all of this working, but then it just stopped. I tried starting over from scratch to no avail
The surface area configuration tool has been used to make sure the procs in msdb are active.
I've tried stopping and starting the mail service with sysmail_stop_sp and sysmail_start_sp.
I made sure that the Mail Profile is enabled in the ALert System section of SQL Server Agent. I did change the profile being used some time ago and have NOT cycled the server up and down - it would be a big deal to do this.
I've tried stopping and starting SQL Server agent.
I've confirmed that the user belongs to the msdb database and has the role DatabaseMailUserRole.
SELECT is_broker_enabled FROM sys.databases WHERE name = 'msdb'
1
dbo.sysmail_help_status_sp;
STARTED
sysmail_help_queue_sp #queue_type = 'Mail'
mail 258 NOTIFIED 2011-08-19 16:51:34.500 2011-08-19 16:51:34.500
The state used to be RECEIVES_OCCURRING when it was working.
All email queues up with a sent_status of Unsent.
I've triple checked my email credentials and they're all good. I've tried ports 25 and 2525, both of which are accepted by my provider.
I've verified that the credentials are good by setting them up in another mail client ans successfully using them to send mail.
Am at wit's end. Anyone know what could be going on?
i had this problem before, it’s the dbmail setup within sql that’s corrupted or as Microsoft told me "stalled" are you sending HTML over the dbmail from say a job within sql using cast?
If so check the job and make sure there isn’t a problem inside first but what i did was delete the dbmail profile and then just re made it and then it just decided to start working again.
Have you also looked with the administrate tools as usually it will post an application error on why it failed (inside control panel)
Let me know if the deletion of the profile worked and i can maybe take you through a couple of things i was told to try first.
I have almost exactly this problem. I say, almost exactly because the answer that worked for this gentleman did nothing whatsoever for me. I can open my own database and see all of the lovely RS data sitting there staring at me but the actual Reporting Services installation still can't. This all came about because of precisely what he said. We accidentally left the password policy on on the Reporting Services account and it expired. When I changed it the whole thing went kaputt. I'm still getting the "key cannot be used in current state" error message even after dropping all encrypted data from the RS installation. I have no access to the Report Manager to reset encrypted information. Has anyone got any suggestions?
EDIT: In continuing my research I found this suggestion. It's not that.
Well... here's the thing.
I eventually tried creating a whole new user to take charge of the SSRS operations. I also remembered to update those details on our live data server. (I did this first and it failed to work as it was still telling me the key could not be used then.)
I guess that there must be something that prevents the reassignment of the SSRS gofer account's password. The new user is set up identically and works perfectly. So that's what cleared it up for me but I'm a little irritated that I still don't know exactly why...