Hello,
Environment:
3 BizTalk servers in a group
2 clustered SQL nodes.
Node-A has the BizTalk databases (Node-A\INST1)
Node-B has BAM and SSODB databases (Node-B\Inst2)
We are attempting to implement Kerberos authentication from our BizTalk 2006 R2 servers to clustered SQL Server 2005 servers.
Process:
Edit BizTalk config file to use kerberos.
Create SPN's. We create a total of 8 SPN's.
Restart SQL instances
Problem History:
After completing the 3 steps above, we get various errors in the SQL logs:
- Error 18456, login failed for "domain\user". [SQLSTATE 28000]. User account is for the account running SQL.
- Login to server "Node-A\INST1" failed (ConnAttemptCachableOp)
- Login to server "Node-A\INST1" failed (ConnUpdateJobActivity_NextScheduledRunDate)
- Login to server "Node-A\INST1" failed (JobManager)
- Login failed for user "domain\user". [Client: [url]www.xxx.yyy.zzz] (Here, the user is the account running the BizTalk services)
- Error 18456, Severity 14, State: 16
- Error 18456, Severity 14, State: 11
On yesterday's attempt to try this, the BizTalk host instances all stopped while the SPN's existed. Once the SPN's were deleted, the host instances all started w/o operator intervention.
On the BizTalk servers, the application logs have errors which say the following:
SSO AUDIT
Function: GetConfigInfo ({9284BE78-FAB5-41A6-A121-8F9821882452})
Tracking ID: c3fcbbae-5400-4b06-bd6e-ba1285965fe6
Client Computer: <BizTalk server FQDN> (BTSNTSvc.exe:3956)
Client User: -
Application Name: {9284BE78-FAB5-41A6-A121-8F9821882452}
Error Code: 0xC0002A10, Enterprise Single Sign-On is offline.
We have no idea why we're getting these errors. We know that the accounts and passwords are correct. They have not been changed in ages. We can logon to servers using these accounts.
Can anyone help by providing some insight here? We're really struggling.
Thanks in advance,
DetRich
Bookmarks