Environment
Novell Sentinel 6.1 Sentinel Server
Microsoft SQL Server 2005
Microsoft Windows Server 2003 Enterprise Edition
Distributed environment: Sentinel components installed in a different server to the database
Connection to the SQL Server is being attempted using Windows Authentication
Microsoft SQL Server 2005
Microsoft Windows Server 2003 Enterprise Edition
Distributed environment: Sentinel components installed in a different server to the database
Connection to the SQL Server is being attempted using Windows Authentication
Situation
During the install process, after specifying the credentials for the database, an error is returned specifying: "Login to database failed. This could be because the login, password or database name is incorrect".
In the install log, the following error is present:
Setup.product.install, java.lang.String, err, esecurity.base.exceptions.DBConnectException: Login failed for user ''. The
user is not associated with a trusted SQL Server connection. - SQLState : 28000 - ErrorCode : 18452
On the SQL server side, the following error is present:
SSPI handshake failed with error code 0x80090302 while establishing a connection with integrated security; the connection has been closed.
In the install log, the following error is present:
Setup.product.install, java.lang.String, err, esecurity.base.exceptions.DBConnectException: Login failed for user ''. The
user is not associated with a trusted SQL Server connection. - SQLState : 28000 - ErrorCode : 18452
On the SQL server side, the following error is present:
SSPI handshake failed with error code 0x80090302 while establishing a connection with integrated security; the connection has been closed.
Resolution
The problem occurs when the Local Security settings in the SQL Server have been adjusted and the parameters "Network Setting: LAN Manager authentication level" or "Network security: Minimum session security for NTLM SSP based (including secure RPC) clients" have been modified.
In order for the Windows Authentication method to work properly, the installation needs to be done without using NTLM v2. Engineering is currently investigating the possibility to enable this for the installation process.
Once installed, it is possible to restore the more limiting Security Policies. Refer to KB 3191014, called "How to enable NTLMv2 Authentication in Sentinel 6" for more specifics on this topic.
In order for the Windows Authentication method to work properly, the installation needs to be done without using NTLM v2. Engineering is currently investigating the possibility to enable this for the installation process.
Once installed, it is possible to restore the more limiting Security Policies. Refer to KB 3191014, called "How to enable NTLMv2 Authentication in Sentinel 6" for more specifics on this topic.