Sunday, February 19, 2012

CANNOT SET PARTNER 'NT AUTHORITY\ANONYMOUS LOGON.' failed

i tried to set up mirroring having only principal and mirror. mirroring endpoints were easily created for both servers. when i try to add the partner name it responds with
Msg 1418, Level 16, State 1, Line 1
The server network address "TCP://machine1.domain.com:5022" can not be reached or does not exist. Check the network address name and that the ports for the local and remote endpoints are operational.
On the log of machine1 i see,
Database Mirroring login attempt by user 'NT AUTHORITY\ANONYMOUS LOGON.' failed with error: 'Connection handshake failed. The login 'NT AUTHORITY\ANONYMOUS LOGON' does not have CONNECT permission on the endpoint. State 84.'.

i have similar problems as in

http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=1020144&SiteID=1

i am a sysadmin on both SQL Servers and have connect permission on both end points.
Both the endpoints are in started state and listening to all IP's
Both services are as 'Local System'
As per what was mentioned in the above post to add a 'domain/machine$' user did not help.
Tried using setspn.exe to add a new SPN MSSQLsvc/<HOST>:<MIRRORINGPORT> did not work. an ERROR comes 'not enough privileges'
setup shows the following SPN only on both
HOST/Machine name
HOST/Machine name.Domin.com
MSSQLSvc/Machine name.Domin.com:1433
SMTPSVC/Machine name
SMTPSVC/machine name.Domain.com

and on second machine
HOST/Machine name

HOST/Machine name.Domin.com

MSSQLSvc/Machine name.Domin.com:1433

any Clues?

Udit Ghai wrote:


Tried

using setspn.exe to add a new SPN

MSSQLsvc/<HOST>:<MIRRORINGPORT> did not work. an ERROR

comes 'not enough privileges'

This is probably your problem. Run this command from an account with enough priviledges on the Active Directory. One easy trick is to run this command as the LocalSystem of the machine <HOST>. To achieve this, you must start a command prompt as LocalSystem on <HOST>. Use the AT service for this, scheduling an interactive CMD.EXE one minute in future. E.g. if the clock is 11:45, run this:
at 11:46 /interactive cmd.exe
In one minute a command prompt running as LocalSystem will popup. From this, run the SETSPN. You must do this on all machines involved (principal, witness, mirror if any)

HTH,
~ Remus

P.S. This assumes you're running the SQL Server service as LocalSystem or as NETWORK SERVICE.

Posted by Barton at 2:00 AM
Labels: , , , , , , , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)