Solved: I also believe it's not EV

EVRocks · ‎03-06-2014

Since I removed the last AD 2003 DC within our environment, EV is unable to connect to the remote SQL server. As soon as I start the EV admin service or run the deployment scanner the service account gets locked out. EV was able to connect to SQL prior to this change. Previously I had 2 DC (2003 and 2012) and EV was working but as soon as I demote the DC 2003, EV stopped working.

The EV service account has full permission. SQL logs shows this error: Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. [CLIENT: EV IP address]

Since I am unable to launch the EV console I am not sure if EV was manually configured to point to a specific GC server.

I know EV 10.04 is compatible with AD 2012.

Any ideas..! has anyone seen this issue.

EVRocks · ‎03-07-2014

I thought that might be the case. I even tried promoting the 2003DC but obviously it's the same old DC.

The erros pointed to SPN.

since it was in the preprod environemnt I decided to rebuild both servers.

thank you guys for your vaild input. I always pick something new from these threads.

View solution in original post

Rob_Wilcox1 · ‎03-06-2014

First of all, I would set all the EV Services to disabled.

Reboot the machine.

Then log back in again, and check the system event log and application event log for errors.

You could even remove the machine to a workgroup, and rejoin the domain. Appropriate reboots along the way.

Working for cloudficient.com

GabeV · ‎03-06-2014

Have you tried to create a ODBC connection from the EV server to the SQL server to see if you get the same error message? Also, take a look at this link:

http://blogs.msdn.com/b/dataaccesstechnologies/archive/2012/12/19/error-message-quot-login-failed-the-login-is-from-an-untrusted-domain-and-cannot-be-used-with-windows-authentication-quot.aspx

EVRocks · ‎03-06-2014

EHi Rob,

I followed your steps, no luck. I even removed both EV and SQL servers from the domain and then put them back. still as soon as I try starting admin service or dep scanner the acoount get locked out.

I have also tried ODBC and get SQL failed with the same trust message.

I am getting these two erros on the EV server:

Error 36882 - The certificate received from theError remote server was issued by an untrusted certificate authorty.

Error 36888 - the following fatal alert was generated: 48. The internal error state is 552.

TonySterling · ‎03-06-2014

Have you tried rebooting the SQL server?

Rob_Wilcox1 · ‎03-06-2014

I would contact Microsoft then .. it's a security/AD/domain/Workstation-account type of issue, not, EV as such.

Working for cloudficient.com

EVRocks · ‎03-07-2014

I also believe it's not EV realted something to do with certification or kerberos related.

Yes I did reboot both servers a number of times.

Thank you ALL.

GabeV · ‎03-07-2014

If creating a ODBC connection to the SQL server gives you the same error message, then it's definitely a Microsoft issue. It could be possible that the Windows server is still trying to contact the old WS2003 DC for authentication but calling Microsoft would be the next step to fix it.

EVRocks · ‎03-07-2014

I thought that might be the case. I even tried promoting the 2003DC but obviously it's the same old DC.

The erros pointed to SPN.

since it was in the preprod environemnt I decided to rebuild both servers.

thank you guys for your vaild input. I always pick something new from these threads.

VOX

EV Service Account get locked out