March 21, 2024 at 11:29 am
Issue Resolved by creating the DisableLoopbackCheck reg key
You can find it here
Method 2
Good Day,
I am hoping you can help with a frustrating issue i have encountered.
We have recently setup a domain joined SQL 2022 Cluster using HYPER-V failover.
All is working well with the databases and the failover.
The issue We have encountered is with our SQL Agent jobs.
We have a few setup and when ever they are run we are presented this error.
SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The operating system error code indicates the cause of failure. The logon attempt failed [CLIENT: 192.168.36.217]
Login failed. The login is from an untrusted domain and cannot be used with Integrated authentication. [CLIENT: 192.168.36.217]
this error repeats 3 times.
The SQL cluster makes use of two ranges
192.168.30 for domain traffic
192.168.36 for SQL server traffic
Looking at the error above it appears the SQL agent job is attempting to authenticate to our DC but using the wrong IP range which has no access to our DC.
I have tried many fixes that are on multiple sites
But they all appear to rather be for actually logging into SQL rather than the agent jobs.
Any help or advice to bypass this issue would be greatly appreciated
March 21, 2024 at 1:08 pm
Can this ref be applicable for your issue?
gMSA account authentication failure during password rotation
Johan
Learn to play, play to learn !
Dont drive faster than your guardian angel can fly ...
but keeping both feet on the ground wont get you anywhere :w00t:
- How to post Performance Problems
- How to post data/code to get the best help[/url]
- How to prevent a sore throat after hours of presenting ppt
press F1 for solution, press shift+F1 for urgent solution 😀
Need a bit of Powershell? How about this
Who am I ? Sometimes this is me but most of the time this is me
March 21, 2024 at 1:55 pm
Hi Johan
Thanks for replying.
I went through the post, attempted a few of the suggestions, But they didn't really pertain to our issue.
March 21, 2024 at 6:08 pm
Can yo find out Active Directory account is not locked out and the password has not expired?.
Secondly, you may use proxy account to run the job, make sure the account has full permissions to all the servers in the cluster.
=======================================================================
March 26, 2024 at 1:59 pm
Hi all.
I wanted to report back that i was able to overcome this issue by doing the loopback reg fix
you can find it here
Method 2
March 26, 2024 at 2:44 pm
Hi all.
I wanted tyo report back that i was able to overcome this issue by doing the loopback reg fix
you can find it here https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/accessing-server-locally-with-fqdn-cname-alias-denied
Method 2
Thank you for the feedback.
Yee good old Win2003 sp1 ⊗ to the rescue 🙂
Johan
Learn to play, play to learn !
Dont drive faster than your guardian angel can fly ...
but keeping both feet on the ground wont get you anywhere :w00t:
- How to post Performance Problems
- How to post data/code to get the best help[/url]
- How to prevent a sore throat after hours of presenting ppt
press F1 for solution, press shift+F1 for urgent solution 😀
Need a bit of Powershell? How about this
Who am I ? Sometimes this is me but most of the time this is me
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply