1 2 Previous Next 10 Replies Latest reply on Mar 10, 2017 1:23 PM by tao

    SQL and Remote issues

    jbrown92

      I'm looking for some insight on this because I'm at a loss.

       

      I have everything setup to allow the connection via port 1433. I can see the traffic hitting my ePO SQL server, but its not allowing them to authenticate. It is not showing up in the SQL logs at all nor the windows logs. I do see the established 1433 connection in netstat. Its as if they don't see a SQL instance at all once they are in.

        • 1. Re: SQL and Remote issues
          Peacekeeper

          Moved to EPO forum for a better chance of an answer

          • 2. Re: SQL and Remote issues
            tao

            Open the Database Configuration page for ePO using a web connection: https://<servername>:8443/core/config Click Test Connection (bottom-right corner) to verify the connection to the database is successful.

             

            Also, under ePO Configuration Registered Servers/Authentication type is the same on the SQL side.

            • 3. Re: SQL and Remote issues
              jbrown92

              How do i check this on the SQL side?

              • 4. Re: SQL and Remote issues
                tao

                SQL Permissions:

                Under Sql Server Management Studio, right click DB (not the instance), select properties, then select security: server authentication

                 

                SQL Port Confirmation:

                1) SQL Server Configuration Manager

                2) SQL Server Network Configuration > Protocols for <Instance Name>

                3) Right Click on TCP/IP and select Properties

                4) In TCP/IP Properties dialog box, go to IP Addresses tab and scroll down to IPAll group.

                • 5. Re: SQL and Remote issues
                  jbrown92

                  So I checked the areas you suggested but they were already filled in with the correct info already.

                   

                  Here's everything I've done:

                   

                  Allowed bi-directional traffic through the firewall.

                  Allowed remote connections on SQL.

                  Running netstat I can see the established connection.

                  No logs get generated from them trying to access nor any error logs from failed attempts in SQL Studio or Windows.

                  Running tcpdumps on all interfaces I can see their traffic coming all the way through to the server and stays up through keep-alives. However it seems it doesnt know where to go after its in the server. They run a database connection and it fails.

                  I've tried having them use the default instance as well as what we thought might be a different name.

                  • 6. Re: SQL and Remote issues
                    tao

                    "....I can see the traffic hitting my ePO SQL server, but its not allowing them to authenticate....."  "THEM" are they trying to logon to the ePO console?  If so, are they using AD or ePO local created accounts?  If using AD; make sure to add your LDAP server under Configuration / Registered Servers. 

                    • 7. Re: SQL and Remote issues
                      jbrown92

                      They are using SQL accounts that we created directly on the instance. We have double checked the permission are correct as well. The account is connecting over port 1433. They are using an extension installed in ePO to do the connection. The goal is to try and perform rollup to an external ePO.

                      • 8. Re: SQL and Remote issues
                        tao

                        "...They are using an extension installed in ePO to do the connection...." So, sounds like they are able to login to ePO, yet unable to initiate SQL connection through the extension. Wondering, on the ePO w/the SQL extension, has the SQLDB been added to Registered Server?

                        • 9. Re: SQL and Remote issues
                          jbrown92

                          That's exactly what they are trying to do, they are trying to add us as a registered server so that they can pull our event logs out of the database. They are using that extension to connect. Encryption has been ruled out on both ends.

                          1 2 Previous Next