locked
Self Service Portal 2012 - The Remote SQL server is not accesable. Error during install. RRS feed

  • Question

  • I am attempting to install the Web Portal on a 2008 r2 server.  I am stuck on the step to select the Service Manager Database.  I get error "The remote SQL Server is not accessible. Make sure that Windows Firewall on the remote SQL server has the appropriate ports open to enable remote access." 

    I have opened port 1433 in the firewall and enabled TCP/IP in the protocols.  I can connect to the server via telnet on port 1433.  A portqry test returns port 1433 as listening.  I can make a test connection via a test ODBC connection from the server to the Service Manager Database.  I also tried connecting via SQL Server Management Studio from a third server to the Service Manager Database server and that was successful as well. 

    I am not sure what is not allowing the install to see the Database server. Any suggestions would be greatly appreciated.

    Update: Looking in the event log shows 100009 DistributedCOM with message "DCOM was unable to communicate with the computer <SCSMDatabaseservername> using any of the configured protocols."  Does the Web Portal use additional ports besides 1433?

    • Edited by Misha Rudiy Friday, May 4, 2012 10:55 PM Update
    Friday, May 4, 2012 4:32 PM

Answers

  • After running TCPview, I was able to identify additional ports that need to be open when installing the Web Portal.  It looks like ports 135 and 5724 need to be open between the SCSM server and the Web portal server.  I also needed to open port 49154 in order for install to finish.  Port 49154 is probably a dynamic port created for the SQL connection even though it still used port 1433.  The documentation only specified that port 1433 needed to be open between the SCSM server and the Web Portal.  If the other ports are not open however,  the installation will fail.
    • Marked as answer by Misha Rudiy Tuesday, May 8, 2012 2:44 PM
    Tuesday, May 8, 2012 2:44 PM

All replies

  • After running TCPview, I was able to identify additional ports that need to be open when installing the Web Portal.  It looks like ports 135 and 5724 need to be open between the SCSM server and the Web portal server.  I also needed to open port 49154 in order for install to finish.  Port 49154 is probably a dynamic port created for the SQL connection even though it still used port 1433.  The documentation only specified that port 1433 needed to be open between the SCSM server and the Web Portal.  If the other ports are not open however,  the installation will fail.
    • Marked as answer by Misha Rudiy Tuesday, May 8, 2012 2:44 PM
    Tuesday, May 8, 2012 2:44 PM
  • We had a similar issue, tring to install the database. Our server follows best practices with no named pipes, only has TCP 1433 with the default instance. An firewall is 1433 only.

    This installer seems to absolutely try 135 to do RPC portmapping, tries about 3 different high ports around 576xx, fails, then seems to fall back if that doesn't work to 49155 or like this user said maybe 49154.

    Having to open the firewall for RPC from the app server to the db server is ridiculous. I tried enabling named pipes and opening 445 first to see if that was enough to trick it to try something else. It didn't work. I had to have 1433 of course, but then also open 135 and 49155 in my case.

    MS needs to figure out what is wrong with their installer procedure. I probably have 200 other apps including a lot of MS ones, and I have never had to do anything like this.


    UC Berkeley

    Addendum...

    We ran this again, and it did the same, it tried 3 in the high 57xxx range and then settled on one lower...but it was different this time...  49157 so it seems you can probably open something around 49154-49157, but it is "random"    Regardless, again, MS needs to correct this approach. Most organizations have an extensive change management process requiring firewall changes, and it goes against everything MS has ever really encouraged towards 1433TCP only for security reasons.  The installer should not need that kind of RPC access. I can sort of understand port 445 if something like system center is looking to see some WMI/service configuration/OS config, but high RPC does not make sense, and will be a real pain for people.

    • Edited by Forrestsjs Monday, June 4, 2012 6:49 PM more information
    • Proposed as answer by tylercranston Wednesday, October 10, 2012 9:51 PM
    Friday, June 1, 2012 9:12 PM
  • Does the 49154-49157 high range port need to remain open? Or this is only a requirement for the installation process?
    Friday, October 19, 2012 1:39 PM
  • As far as I have been able to tell without really diving into to look is that it only needs this during install. However, I suspect it may need it for service packs so I just left it open unfortunately. 

    It seems like it will either pick a port around 49154 or one around 57000 during the install. I think if you have ports around those ranges open, it will find one.   In the end, to avoid problems during upgrades/patching, I just left 49000-63000 open from the front end server.


    UC Berkeley

    Friday, October 19, 2012 4:31 PM