Remote install of Sentinel components fails if NTLMv2 is required

  • 7006455
  • 16-Jul-2010
  • 26-Apr-2012

Environment

Novell Sentinel 6.1 Sentinel Server
Microsoft SQL Server 2005
Microsoft Windows Server 2003 Enterprise Edition
Distributed environment: Sentinel components installed in a different server to the database
Connection to the SQL Server is being attempted using Windows Authentication

Situation

During the install process, after specifying the credentials for the database, an error is returned specifying: "Login to database failed. This could be because the login, password or database name is incorrect".

In the install log, the following error is present:
Setup.product.install, java.lang.String, err, esecurity.base.exceptions.DBConnectException: Login failed for user ''. The
user is not associated with a trusted SQL Server connection. - SQLState : 28000 - ErrorCode : 18452

On the SQL server side, the following error is present:
SSPI handshake failed with error code 0x80090302 while establishing a connection with integrated security; the connection has been closed.

Resolution

The problem occurs when the Local Security settings in the SQL Server have been adjusted and the parameters "Network Setting: LAN Manager authentication level" or  "Network security: Minimum session security for NTLM SSP based (including secure RPC) clients" have been modified.

In order for the Windows Authentication method to work properly, the installation needs to be done without using NTLM v2. Engineering is currently investigating the possibility to enable this for the installation process.

Once installed, it is possible to restore the more limiting Security Policies. Refer to KB 3191014, called "How to enable NTLMv2 Authentication in Sentinel 6" for more specifics on this topic.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.