cancel
Showing results for 
Search instead for 
Did you mean: 

Having issues connecting to Directory

trpe71
Level 4

Hello,

In my dev environment I am all of a sudden not able to access VAC and get the following errors on all of the EV servers in the test domain. Any ideas would be very much appreciated!

Thanks!

 

I am running 11.0.1 on W2k8 R2 x64

Perms are correct on SQL server

Firewall is turned off

AV is disabled

V-437-6677
Unable to access the Directory Service on evtest.domain.com (or on the local server) 

Check that the Directory Service is running. The process will automatically continue normal operation as soon as the Directory Service becomes available.

V-437-8600
The connection to SQL Server could not be established.
The connection will be tried repeatedly until the Directory Service is stopped.
SQL Server : SQLTest1\SQLTest1

10 REPLIES 10

GertjanA
Moderator
Moderator
Partner    VIP    Accredited Certified

Hello,

Have you verified on the SQL server mentioned the connection is indeed possible? Can you ping it using that alias? Open SQL Manager, see if you still have the databases, if they are mounted, check for other problems on SQL.

In general, if your EV services (at least Admin and Directory) are running, and SQL is up (no connection errors :) ), then you should be able to open the console.

 

Regards. Gertjan

Hi Gertjan,

Thank you for the reply. Yes, the DBs are fine and I can browse the SQL from the EV server and perms are good. The DBA says he see active connections but I am just not able to open the console, generally I would see things like this because of AV but that has been disabled for the time being. It does look like we have the TLS 1.0 issue in kb 100042824 I know that will impact deployment scanner but didnt think that would keep me from connecting with VAC I have seen that before and everything except for DS was fine until adjusting?

Thanks!

GertjanA
Moderator
Moderator
Partner    VIP    Accredited Certified

Hello.

Did anything change on SQL? changed portnumber for instance?

What I would do: Stop all EV services. On 1 server, start Dtrace, trace DirectoryService. open eventviewer, ev log.

when trace is started, start the directory service. this will automatically also start the admin service. As soon as the event appears in the eventlog, stop the dtrace. check in the dtracefile if you see something obvious. speaking of deploymentscanner, can you run that for only the SQL check (deselect exchange/file/centera etc), what does that give.

Regards. Gertjan

DS lists Unable to connect to at least one of the SQL servers listed. I would say that is the TLS 1.0 issue which I am working on but I have seen that before and was still able to access VAC. As far as the DTrace  I am seeing this:

Thanks!

 

444 07:36:22.907  [4136] (AdminService) <3832> EV:L {VaultCoCreateInstanceEx} Attempt [3] to create COM object failed. CLSID [{F4D3EB5B-C8363-11D1-90DB-0000F879BE6A}] Server Name [(null)] Elapsed [0.001s] Result [Access is denied.  (0x80070005)]

496 07:36:28.383  [4136] (AdminService) <3832> EV~W Event ID: 6677 Unable to access the Directory Service on evtest.domain.net (or on the local server)  |Check that the Directory Service is running. The process will automatically continue normal operation as soon as the Directory Service becomes available. |For more information, see Help and Support Center at http://entced.symantec.com/entt?product=ev&language=english&version=11.0.1.0&build=11.0.1.3683&error...
497 07:36:38.398  [4136] (AdminService) <3832> EV:L {VaultCoCreateInstanceEx} Attempt [1] to create COM object failed. CLSID [{F4D3EB5B-C7C5-11D1-90DB-0000F879BE6A}] Server Name [(null)] Elapsed [0.002s] Result [Access is denied.  (0x80070005)]
498 07:36:38.554  [5892] (DirectoryService) <6428> EV:L CADOContext::CreateConnection exit. source:Provider=SQLOLEDB;Server=SQLTestv4\SQLTestV4;Database=MASTER;Integrated Security=SSPI hr=Unspecified error  (0x80004005)
499 07:36:38.554  [5892] (DirectoryService) <6428> EV:H CDirectoryServiceObject::CheckDirectoryEntry - Directory database existence check has failed. The connection to SQL Server could not be established.   The connection will be tried repeatedly until the Directory Service is stopped.   SQL Server : %1     For more information, see Help and Support Center at http://entced.symantec.com/entt?product=ev&language=english&version=11.0.1.0&build=11.0.1.3683&error... (0xc0042198)
500 07:36:38.554  [5892] (DirectoryService) <6428> EV~E Event ID: 8600 The connection to SQL Server could not be established. |The connection will be tried repeatedly until the Directory Service is stopped. |SQL Server : SQLTestV4\SQLTestV4 |For more information, see Help and Support Center at http://entced.symantec.com/entt?product=ev&language=english&version=11.0.1.0&build=11.0.1.3683&error...

GertjanA
Moderator
Moderator
Partner    VIP    Accredited Certified

Your first entry mentions

SQL Server : SQLTest1\SQLTest1

The trace shows however below
[5892] (DirectoryService) SNIP Server=SQLTestv4\SQLTestV4 SNIP hr=Unspecified error  (0x80004005)

Verify which one you need.

Regards. Gertjan

Sorry,that would just be me messing up the re-type, I cannot send out the actual server name in any outside posts so I changed it but just typed the name wrong in one. Smiley Wink There is only one SQL server, I will make sure to call it SQLTestv4\SQLTestV4 moving forward.

Thanks!

 

GertjanA
Moderator
Moderator
Partner    VIP    Accredited Certified

Hello again,

I would first make sure that Deployment Scanner can run properly.

I also see an access denied in your tracefile. Can you verify the VSA is member of Local Admin group? If connectivity is correct, permissions on SQL are correct, can you perhaps do a re-install of the binaries? After install, run configuration, select to use ' existing database'. That should re-establish necessary permissions on the ev-server.

 

Regards. Gertjan

Hello,

Deployment scanner does not see it either. VSA is local admin and admin\DBO on SQL server. I was kind of thinking the same thing on the binaries but if DS cannot see the SQL server that seems more like something on the server. I created a UDL file and tested the connection to SQL and it complained about SSL client handshake failed so that is the next thing I am looking at and if I cannot get it resolved on that path I will look more at the binaries.

Thanks,

Travis

 

It turned out to be an issue with SSL/TLS and the server guys were able to enable everthing correctly. 

Thanks!

Trpe71

GertjanA
Moderator
Moderator
Partner    VIP    Accredited Certified

Good find!

Can you mark one of the entries (or your own) as Solution?

That way people know it is resolved, or can check if it is similar to what they have.

Thanks!

Regards. Gertjan