AdtServer Event ID 4618 - Logon Failed
So, you installed Audit Collection Services (ACS) and the collector isn't able to connect to the OperationsManagerAC database. You get a bunch of errors in your Operations Manager and Application event logs on your ACS Collector:
Event Type: Error
Event Source: AdtServer
Event Category: None
Event ID: 4618
Date: 3/13/2008
Time: 12:23:30 AM
User: N/A
Computer: OMMS
Description:
Error occured on database connection:
Status: 0x02200000
ODBC Error: 18456
ODBC State: 28000
Message: [Microsoft][ODBC SQL Server Driver][SQL Server]Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
Database: Register
Connection: ComplianceTest
Event Type: Error
Event Source: AdtServer
Event Category: None
Event ID: 4618
Date: 3/12/2008
Time: 11:22:10 PM
User: N/A
Computer: OMMS
Description:
The description for Event ID ( 4618 ) in Source ( AdtServer ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: 0x02200000, 18456, 28000, [Microsoft][ODBC SQL Server Driver][SQL Server]Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'., Register, ComplianceTest, -.
If the SQL Server which hosts your ACS database is set to logon using a domain account, there may be a couple extra steps you may need to take beyond installation to get things flowing properly.
Before I go any further, first be sure you have these tools:
KERBTRAY is part of the Resource Kit Tools. Download here.
SETSPN can be downloaded here.
Logon to the SQL Server housing the ACS database. Open a CMD prompt and type the following command:
setspn -L <domain>\<account>
This is the account in which SQL Server logs in as:
Example 1
Example 2
We are looking for results like in the example. If no registered SPN's are returned, we need to register them. Do so by running the following commands:
setspn -A MSSQLSvc/<fqdn> <domain>\<account>
and
setspn -A MSSQLSvc/<fqdn>:<port> <domain>\<account>
Example 3
If you run setspn -L <domain>\<account> again, you should see the result return register SPN's like in example 2.
Now, open up Active Directory Users and Computers and navigate to the user account that SQL Server log in as. Right-click > Properties > click Account tab. Check "Account is trusted for delegation" in the Account options list.
Example 4
Now logon to a Domain Controller and startup KerbTray. You should see a green icon appear in the system tray.
Example 5
Right-click the KerbTray and click Purge Tickets. Wait for the icon to turn yellow. Then, in CMD prompt, run the command:
net session* /d
Restart the MSSQLSERVER service on the ACS SQL Server and the Audit Collection Collector Service on the ACS Collector. Soon after, new tables and views should be created in your ACS database.
Example 6
