I have created a Logic App and set a Sliding Window. I have added the next step as Execute a SQL Query (V2) but if i put the server name in there it gives an error
Could not retrieve values. Error code: '400', Message: 'Invalid connection settings inner exception:
Key
'token' in connection profile is not valid. inner exception: Unexpected character encountered while
parsing value: h. Path '', line 0, position 0. clientRequestId: ????
If you set admin for your sql server with service principal, it may show this error message. You can create a group and add the service principal or ad users into a group. And then set sql admin for the group.
Here is a similar post which may help you.
Related
Context: I keep raising this error when I try to execute an SSRS Email or File Drop subscription - and I have no idea why. The empty string '' seems to imply I need to add some specific user information but I have no idea where.
I was able to send a test email through the Database Mail wizard in the management studio. I noticed in the SQL Server sysmail_event_log record for that event the last_mod_user was NTService\MSSQLSERVER. But the failed subscription execution attempts are showing up under the sa in the last_mod_user I suspect something is at play between this discrepancy but idk how to fix it.
The error description also reads:
The mail could not be sent to the recipients because of the mail
server failure. (Sending Mail using Account 4 (2022-04-22T17:41:01).
Exception Message: Cannot send mails to mail server. (The SMTP server
requires a secure connection or the client was not authenticated. The
server response was: 5.7.57 Client not authenticated to send mail.
[BN0P110CA0026.NAMP110.PROD.OUTLOOK.COM]). )
Questions: Can someone please assist?
Add the account to the Local Admin of the Machine to fix the Operation.Mail one
I have successfully set up a scan for an on-prem dev sql instance. However, i am trying to set up scans on multiple on-prem sql instances.
I have successfully installed the integration run time agent on a server I want to scan. When I double check the credentials to be sure the username and password are correct, it passes as successful.
When I go to set up the scan against this same db, I use the appropriate user name and secret out of the key vault. While setting up the scan, Purview sees all the tables in the db I am wanting to scan.
So, my thought it, if the username or password were incorrect, it wouldn't pass the connection test and or see the tables in the db I'm wanting to scan.
Ok, so after I start the scan, it fails.
In the logs on that server, I can see where it fails w/ the following error code: 7000215
According to https://login.microsoftonline.com/error?code=7000215, this error message is: Developer error - the app is attempting to sign in without the necessary or correct authentication parameters.
So, I'm at a loss at why I can see the db and tables, but it continues to fail the scan.
The event viewer details show: Message:(AADSTS7000215: Invalid client secret is provided.)
Any help or recommendations would be greatly appreciated.
Here's the actual error message:
Retrieving auth token from AAD failed, exception thrown
(Type:(Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException),
Message:(AADSTS7000215: Invalid client secret is provided. Trace ID:
525bc331-5788-4d3c-a576-3570c5c92b00 Correlation ID:
acfc0ed8-c522-4e3b-8922-804df3bf2fbe Timestamp: 2021-02-22 04:06:46Z),
StackTrace:( at
Microsoft.DataTransfer.Execution.DataScan.Retry.d__1`1.MoveNext()
--- End of stack trace from previous location where exception was thrown --- at
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task
task) at
Microsoft.DataTransfer.Execution.DataScan.DataScanManagementServiceClient.d__22.MoveNext())
, InnerException (Type:(System.Net.Http.HttpRequestException),
Message:(Response status code does not indicate success: 401
(Unauthorized).), StackTrace:() , InnerException
(Type:(Microsoft.IdentityModel.Clients.ActiveDirectory.AdalException),
Message:({"error":"invalid_client","error_description":"AADSTS7000215:
Invalid client secret is provided.\r\nTrace ID:
525bc331-5788-4d3c-a576-3570c5c92b00\r\nCorrelation ID:
acfc0ed8-c522-4e3b-8922-804df3bf2fbe\r\nTimestamp: 2021-02-22
04:06:46Z","error_codes":[7000215],"timestamp":"2021-02-22
04:06:46Z","trace_id":"525bc331-5788-4d3c-a576-3570c5c92b00","correlation_id":"acfc0ed8-c522-4e3b-8922-804df3bf2fbe","error_uri":"https://login.microsoftonline.com/error?code=7000215"}:
Unknown error), StackTrace:() ) ) ) Job ID:
986cf741-f4bf-4333-a51e-b9c04a15a75c Log ID: Error
I was able to address this issue.
The issue was the integration services run time client was not the most recent version.
A newer version (IntegrationRuntime_5.2.7713.1)
Once I installed this version, I was able to scan the databases previously not able to be scanned.
I created an Analysis Services Tabular Project in Visual Studio.
I tried to set the Impersonation Information to "Current User":
Unfortunately, I get the following error:
Failed to save modifications to the server. Error returned: 'The datasource, '[Datasource Name]', contains an ImpersonationMode that is not supported for processing operations.
If I instead set "Impersonation Information" to "Specific Windows user name and password" and use my personal account, it works just fine.
I got error messages for all other options (other than impersonating a specific account). For example, the "Unattended Account" option gave me the following error:
Failed to save modifications to the server. Error returned: 'An unexpected error occurred (file 'pcsspi.cpp', line 926, function 'GetImpersonationIdentity').
A connection could not be made to the data source with the Name of '[Data Source Name]'.
I do not handle the deployment myself - I move the entire solution to a shared folder and the tech lead for that particular project deploys it.
That being said, are there any security implications for impersonating my account? Any chance I could compromise my credentials?
Its totally fine to impersonate a specific Windows username and password however using your personal account is not correct. Set up a service account that has limited access to just the resources the Tabular model needs for refreshing. (Whatever data sources it uses and nothing else)
In SQL Server 2014 I have a data driven subscription that is executing successfully, but no file is generated. It is a Windows File Share subscription and the report has three parameters. I've tried removing all the parameters to see if it was an issue with that, but it still does not work. I've also verified the file path and the query the subscription is based is correct so don't think there is an issue there.
The subscription returns the message:
Processing: 0 processed of 281 total; 0 errors.
EDIT #1:
More information:
I'm trying to save the files to a shared drive on test computer.
I've given "full control" rights to the service for SQL Server Agent and
SSRS to the folder.
I'm logged in as a user on a domain.
Images of steps followed:
EDIT #2:
I'm getting the following errors from the log file located at "C:\Program Files\Microsoft SQL Server\MSRS12.MYINSTANCE\Reporting Services\LogFiles"
1) Throwing Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: AuthzInitializeContextFromSid: Win32 error: 1355, Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: The report server has encountered a configuration error. ;
2) Error occurred processing subscription XX: Failure writing file filename : The report server has encountered a configuration error.
3) Microsoft.ReportingServices.Diagnostics.Utilities.RSException: The report server has encountered a configuration error. ---> Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: The report server has encountered a configuration error.
You can check the Subscriptions table in the ReportServer database for more detail about the subscriptions. For more detail, you can refer to the How to monitor report subscriptions.
You can check the UserName column values the user have permissions and other details.
SELECT *
FROM ReportServer.dbo.Subscriptions AS s
JOIN
ReportServer.dbo.Users AS us
ON us.UserID = s.OwnerId;
At the same time you can check the ExecutionLog3 table RowCount column in order to figure out the subscribed report returned any rows.Therefore, you can find out more details about the issue of the report.
EDITED
I simulated your error in my SSRS and then handled the problem with the help of the following steps.
Checked the error log files of the SSRS and find out the find out the
"An impersonation error occurred using the security context of the
current user"
error.
At first I refered to Configuration Manager Report Subscription to File Share fails with “An impersonation error occurred using the security context of the current user.” link but it didn't help to me.
Create a new data-driven subscription
Change the path share \ComputerName\Share to \ComputerName\c$\Share
In the data-driven subscription settings, I set the admin account to User name and Password fields.
So I'm trying to setup Railo and I want to add a datasource.
For the database I'm using Microsoft SQL server Management Studio.
But now I've run into the classical problem: "Login failed for user 'sa'. ClientConnectionId:afd80ac2-0744-4a7d-a9f7-083d93adee0d"
What I've done so far:
With the SQL Server Configuration Manager in the TCP/IP settings I enabled the IPs I had to.
I set the password for the user 'sa' in MSSQL and I added a user mapping for the table I want to use.
I made the user 'sa' the owner of the DB i want to connect to
Restarted the SQL service, my computer and Railo multiple times.
I'm pretty much out of ideas.
After Leigh mentioned in the comments to look at my logs it had the following message: "Login failed for user 'max'. Reason: Failed to open the explicitly specified database 'test'. [CLIENT: 127.0.0.1]"
I then tried to make a connection without mentioning a database and that worked.
I would also point to Leigh's answer here which explains how to turn Mixed-Mode authentication on, as this can also cause this error. Since the cause of this isn't on Railo/Lucee's end, this issue still arises in 2018.
I just don't want a useful answer to get lost to history, nor plagiarize an answer I barely found.