Login failed for user Domainname\computername

Hi,

I am using SQL Server 2005. The below message is added to the Application Event Viewer frequently.

Failure Audit: Login failed for user "abc\xyz$". (Client: xx.xx.xx.xx)

abc is my domain name and xyz is my computer name.

When I look @. the SQL error logs, I find the following message:

Error 18456 Severity 14 state 11

Login failed for user "abc\xyz$". (Client: xx.xx.xx.xx)

Please let me know if you have any suggessions.

Thanks

Santhosh

It seems like a service running in the computer xyz is trying to connect to your SQL Server instance. This service must likely is running with local system or network service credentials.

I would recommend investigating what is this service by verifying the services installed in machine xyz; and if indeed it is a service that should be connecting to that SQL Server instance, you can grant access by creating a login for the Windows user [abc\xyz$] and then grant proper permissions.

I hope this information helps. Let us know if you have any further questions.

Thanks,

-Raul Garcia

SDE/T

SQL Server Engine

|||But, xyz$ is a computer account. How can I create a login for Computer Account in SQL? Is this possible?|||

CREATE LOGIN [abc\xyz$] FROM WINDOWS

It should work, let us know if it worked.

Thanks,

-Raul Garcia

SDE/T

SQL Server Engine

|||

Hi Raul,

I created the login using the above mentioned command. It created find.

But, now I get two messages in event viewer.

One is success audit where is says login successful for user abc\xyz$.

immeditely, it also logs in the below failure message.

Failure Audit: Login failed for user "abc\xyz$". (Client: xx.xx.xx.xx)

In the earlier posts, you had mentioned about granting permissions to abc\xyz$ account?

What permissions should we grant.

Can you also help me with the syntax to grant those permissions.

Thanks

Santhosh

|||

Creating the loginshould typically be enough to connect to the system (using master DB).I would recommend using SLQ Server Profiler and check the Security Events section (mark show all events to see all possibilities), to be more specific mark everything under Audit Login & Audit logout

I hope this helps,

-Raul Garcia

SDE/T

SQL Server Engine

|||

We created a login for the computer account name in SQL Server.
From SQL Server, we ran
CREATE LOGIN [Domainname\computername$] FROM WINDOWS
The login created successfully.
Now, we see two audit messages for Domainname\Computername$.
First audit message is..

Login Succeded for user Domainname\Computername$. Connection Trusted.(Client :xx.xx.xx.xx)
Second Audit message is.. Login failed for user Domainname\Computername$. (Client :xx.xx.xx.xx)

Before creating the login, we had only login failed message. But, now we get login succeded message and login failed message for the same username.

Any thoughts would be helpful.

Thanks

Santhosh

|||

Unfortunately I really have no idea on what may be happening. I would suggest trying to enable other events, including any permission checks or any queries being started. Hopefully this extra information will give us a clue on why the connection is failing.

-Raul Garcia

SDE/T

SQL Server Engine

Login failed for user Domainname\computername

Hi,

I am using SQL Server 2005. The below message is added to the Application Event Viewer frequently.

Failure Audit: Login failed for user "abc\xyz$". (Client: xx.xx.xx.xx)

abc is my domain name and xyz is my computer name.

When I look @. the SQL error logs, I find the following message:

Error 18456 Severity 14 state 11

Login failed for user "abc\xyz$". (Client: xx.xx.xx.xx)

Please let me know if you have any suggessions.

Thanks

Santhosh

It seems like a service running in the computer xyz is trying to connect to your SQL Server instance. This service must likely is running with local system or network service credentials.

I would recommend investigating what is this service by verifying the services installed in machine xyz; and if indeed it is a service that should be connecting to that SQL Server instance, you can grant access by creating a login for the Windows user [abc\xyz$] and then grant proper permissions.

I hope this information helps. Let us know if you have any further questions.

Thanks,

-Raul Garcia

SDE/T

SQL Server Engine

|||But, xyz$ is a computer account. How can I create a login for Computer Account in SQL? Is this possible?|||

CREATE LOGIN [abc\xyz$] FROM WINDOWS

It should work, let us know if it worked.

Thanks,

-Raul Garcia

SDE/T

SQL Server Engine

|||

Hi Raul,

I created the login using the above mentioned command. It created find.

But, now I get two messages in event viewer.

One is success audit where is says login successful for user abc\xyz$.

immeditely, it also logs in the below failure message.

Failure Audit: Login failed for user "abc\xyz$". (Client: xx.xx.xx.xx)

In the earlier posts, you had mentioned about granting permissions to abc\xyz$ account?

What permissions should we grant.

Can you also help me with the syntax to grant those permissions.

Thanks

Santhosh

|||

Creating the loginshould typically be enough to connect to the system (using master DB).I would recommend using SLQ Server Profiler and check the Security Events section (mark show all events to see all possibilities), to be more specific mark everything under Audit Login & Audit logout

I hope this helps,

-Raul Garcia

SDE/T

SQL Server Engine

|||

We created a login for the computer account name in SQL Server.
From SQL Server, we ran
CREATE LOGIN [Domainname\computername$] FROM WINDOWS
The login created successfully.
Now, we see two audit messages for Domainname\Computername$.
First audit message is..

Login Succeded for user Domainname\Computername$. Connection Trusted.(Client :xx.xx.xx.xx)
Second Audit message is.. Login failed for user Domainname\Computername$. (Client :xx.xx.xx.xx)

Before creating the login, we had only login failed message. But, now we get login succeded message and login failed message for the same username.

Any thoughts would be helpful.

Thanks

Santhosh

|||

Unfortunately I really have no idea on what may be happening. I would suggest trying to enable other events, including any permission checks or any queries being started. Hopefully this extra information will give us a clue on why the connection is failing.

-Raul Garcia

SDE/T

SQL Server Engine

Login Audit

I'd like to keep track of the number of logins to a SQL server over a
day which are then logged in a simple text file, for licensing
reasons. What do you think is the best way to do this? I was thinking
of using a trace but fear this may generate too much info. Could I
schedule a stored procedure to run every hour which records the number
and exports to a text file?
Thanks for your help in advance!
JohnTurn of the Login success and failure auditing functionality of SQL Server.
This will create an entry for each event in the NT Application Eventlog,
then you use WMI to filter them out and send them to a file for example.
This will be the lowest overhead solution, using SQL Trace/Profiler has much
more impact on your server performance.
GertD@.SQLDev.Net
Please reply only to the newsgroups.
This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use.
Copyright SQLDev.Net 1991-2004 All rights reserved.
"John McGinty" <jpmcginty@.talk21.com> wrote in message
news:87642ea9.0401280404.40536dde@.posting.google.com...

quote:

---

> I'd like to keep track of the number of logins to a SQL server over a
> day which are then logged in a simple text file, for licensing
> reasons. What do you think is the best way to do this? I was thinking
> of using a trace but fear this may generate too much info. Could I
> schedule a stored procedure to run every hour which records the number
> and exports to a text file?
> Thanks for your help in advance!
> John

---

|||The logins also get sent to the SQL Server errorlog as well.
Rand
This posting is provided "as is" with no warranties and confers no rights.