February 21, 2012 at 8:28 am
Hi All
Recently moved to a new company and just getting my head around the infrastrcture at the moment.
Each node in a cluster is constantly trying to log in to the other nodes in the cluster but getting the below error message
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. Reason: Token-based server access validation failed with an infrastructure error. Check for previous errors. [CLIENT: xxx.xxx.xxx.xxx]
Its an A/A/A/P clusters each A custer node is reporting the above error, but the P node reports
Login failed for user 'DOMAIN\SERVER$'. Reason: Token-based server access validation failed with an infrastructure error. Check for previous errors. [CLIENT: xxx.xxx.xxx.xxx]
Not seen this behavour before on a cluster, but seen the error running SSMS and UAC on Win7 but the error is happening every few milliseconds and cant see anything running which would cause it.
February 21, 2012 at 8:44 am
to add
there are no windows scheduled tasks, no linked servers, no ssis packages which span nodes in the cluster except for the management data warehouse data collectors, but this was configured only a few weeks ago but the errors have been occuring since July so I have ruled data collector out of the cause.
Error: 18456, Severit: 14, State: 11
February 21, 2012 at 10:56 am
February 22, 2012 at 12:57 am
sengeet86 (2/21/2012)
this article may help you.
http://sql-articles.com/articles/troubleshooting/troubleshooting-login-failed-error-18456/
yep i've looked through that already
as its state 11 the login can login but nothing after that, the only thing I can think of is the MS Cluster Service is running as local system on all of the machines, now from my experience before with clusters it should run as a domain account and that account should have rights to SQL.
Any one agree on this disagree etc?
February 22, 2012 at 8:16 am
Got a little but further with this today.
Ran a trace against one instance and noticed the the nodes where trying to login with SQLCMD, so I took a look at what could be calling it and found nothing.
Then I looked at what services where running under local system and there was a service called WOTS. We use a 3rd party for hosting the prod environment so I am guessing its something they have installed. Just waiting to hear back from them if it does call SQLCMD and if it can be changed to a domain account.
February 23, 2012 at 3:02 am
I had faced a similar issue and it was because of the VSS service which was set to manual and was failing continously after a server restart. But at that time I had seen these error messages - Login failed for user 'NT AUTHORITY\SYSTEM'
M&M
February 23, 2012 at 3:06 am
mohammed moinudheen (2/23/2012)
I had faced a similar issue and it was because of the VSS service which was set to manual and was failing continously after a server restart. But at that time I had seen these error messages - Login failed for user 'NT AUTHORITY\SYSTEM'
As its a cluster and the app in question runs across all nodes, the 3rd party says its trying to do the same task on each node 4 times, so node 1 will get metrics from nodes 1,2,3,4 then node 2 does the same etc. So when node 1 talks to node1 it works as its got NT AUTHORITY\System, but when Node2 talks to node1 its not got access as the system account is only local for that node not the other nodes in question.
February 23, 2012 at 3:19 am
Thanks for clarifying.
M&M
February 23, 2012 at 6:14 am
anthony.green (2/23/2012)
mohammed moinudheen (2/23/2012)
I had faced a similar issue and it was because of the VSS service which was set to manual and was failing continously after a server restart. But at that time I had seen these error messages - Login failed for user 'NT AUTHORITY\SYSTEM'As its a cluster and the app in question runs across all nodes, the 3rd party says its trying to do the same task on each node 4 times, so node 1 will get metrics from nodes 1,2,3,4 then node 2 does the same etc. So when node 1 talks to node1 it works as its got NT AUTHORITY\System, but when Node2 talks to node1 its not got access as the system account is only local for that node not the other nodes in question.
another 3rd party app ruins the day!
Good to know it's not the DBA's fault 🙂
Viewing 9 posts - 1 through 8 (of 8 total)
You must be logged in to reply to this topic. Login to reply