|
Posted by Roger Abell [MVP] on March 7, 2007, 12:00 pm
Please log in for more thread options Perhaps you should ask in
microsoft.public.sqlserver.security
or another of the sqlserver newsgroups ??
>A partial fix for the time being... have found out that the problem is the
> ReportServer service. Created a new SQL service account, restarted
> SQLService
> and ReportServer services using this, disabled the old SQL Account. Now
> get
> logon 5 errors old SQL account calling new SQL account. When i disable the
> ReportServer service they logon failures stop. Have left the service
> disabled
> as it doesn't seem to be affecting anything, could be from a legacy
> application perhaps, though would like to know what it was!
>
> "Cat Wakefield" wrote:
>
>> Hi,
>>
>> We've started getting a repeated error in our security log in the main
>> SQL
>> and IIS server "SERVER01". The error is as follows:
>>
>> Source: Security
>> Category: Logon/Logoff
>> Type: Failure Audit
>> Event ID: 529
>> User: NT Authority\system
>> Computer: Server01
>>
>> Logon Failure:
>> Reason: Unknown username or bad password
>> Username: SQLServiceAccount
>> Domain: ourdomain
>> Logon Type: 2
>> Logon Process: Advapi
>> Authentication Package: Negotiate
>> Workstation name: Server01
>> Caller Username: SQLServiceAccount
>> Caller Domain: OURDOMAIN
>> Caller Logon ID: (0x0,0x1E68FE)
>> Caller process ID: 4432
>>
>> The "SQLServiceAccount" is only used for logon by SQL and the
>> ReportServer
>> service (used by CRM), both are started fine, i'm not aware of anything
>> else
>> using the service account. "Server01" hosts all our websites and
>> databases
>> for CRM/Sharepoint.
>>
>> I could really do with some help where to start tracking this down (or a
>> magical quick fix!!) - the event is being logged sporadically around
>> every 30
>> seconds or so, i'm not aware of any services being affected.
>>
>> Thanks.
>>
>>
>>
| 
XML Sitemap