none
SCOM: "Could not find a login matching the name provided" on Datawarehouse Server

    Question

  • Hi,

    we have in our SCOM infrastructure some SCOM Management Server (MS), and on any separat machines "operations DB server" and "datawarehouse DB server".

    We use as SCOM action account z.B. "DOMAIN\om-action".

    Datawarehouse DB server logs many login failures from only and only from one Management Server as below. For other MS, there is no login failure. "DOMAIN\om-action" account does not exist on "datawarehouse DB", but only on "operations DB server". That is also correct so.

    Log Name:      Application
    Source:        MSSQL$DW
    Date:          11.07.2018 15:17:57
    Event ID:      18456
    Task Category: Logon
    Level:         Information
    Keywords:      Classic,Audit Failure
    User:          DOMAIN\om-action
    Computer:      <DATAWAREHOUSE SERVER>
    Description:
    Login failed for user ''. Reason: Could not find a login matching the name provided. [CLIENT: <MANAGEMENT SERVER>]

    Whyt an MS tries to use action account to connect to "datawarehouse DB server"? Can somebody clear this issue?

    Best regards

    Birdal


    • Edited by _Birdal Thursday, July 12, 2018 11:16 AM
    Thursday, July 12, 2018 11:12 AM

All replies

  • Hi Birdal,

    Have you imported the SQL management pack and created RunAs account?

    Please refer to this:

    SQL MP Run As Accounts – NO LONGER REQUIRED

    https://blogs.technet.microsoft.com/kevinholman/2016/08/25/sql-mp-run-as-accounts-no-longer-required-2/


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Thursday, July 12, 2018 11:27 AM
  • I'll be following this, I've noticed the same thing on a lab environment I deployed a few days ago but did not have time to troubleshoot it any further.

    I guess I messed up some permissions somewhere, but I can't tell why...

    That's not related to the SQL MP, for what I've seen.


    • Edited by CyrAz Thursday, July 12, 2018 12:02 PM
    Thursday, July 12, 2018 12:00 PM
  • Hi dktoa,

    yes, I did.

    But this has no relationship to this issue.

    Best regards

    Birdal

    Thursday, July 12, 2018 2:34 PM
  • Hi CryAz,

    it is very strange, why only one MS tries to connect to datawarehouse DB using DOMAIN\om-action.

    I didn't find any information in Internet until now.

    Best regards

    Birdal

    Thursday, July 12, 2018 2:38 PM
  • Hi,

    Is the account member of local admins of the SQL server in question ? What if you restart the System Center Management Health Service on the Management Server ?


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Thursday, July 12, 2018 6:59 PM
  • Hi dktoa,

    why sould om-action account should be a member of admins of the SQL server?

    It is not needed on dataware hous DB server. Isn't it?

    If yes, please refer me any MS article.

    Best regards

    Birdal

    Tuesday, July 17, 2018 2:34 PM
  • You're right birdal, there is no need for this.

    Also local admins are not SQL admin anyway, so that would not help.

    Tuesday, July 17, 2018 3:30 PM
  • This issue is caused by some workflows loading and running on the management servers (targeting a class loaded by a resource pool) that does "something" to the warehouse.... and that workflow incorrectly is running under the Management Server Action account.  It should be running under the DW omread or omwrite accounts generally... 

    There are some MP's that do this erroneously - one of which is the client OS MP's.  They attempt to load some special datasets and write to them, but the login does not exist.  You can review the management server event logs on that management server and it will show you which workflow is failing on a fairly regular basis. 

    To fix, you can research if that workflow supports a RunAs account and configure it appropriately - or, just grant rights to your Management Server Action Account to the DW SQL instance and DW database.


    Kevin Holman https://blogs.technet.microsoft.com/kevinholman/

    Friday, August 3, 2018 11:13 PM
    Moderator
  • Hi Kevin,

    sorry for the late feedback. I was in holiday.

    OK, I will check it and give you a feedback.

    Best reagrds

    Birdal

    Friday, September 7, 2018 10:29 AM