Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-11073: Direct Audit is not working properly after DB migration

Auditing and Monitoring Service ,  

18 September,18 at 09:43 PM

ProblemDirectAudit is not working properly after DB migration
Collector is not able to connect and sessions are being spooled locally due to the collector offline. 

Cause: SPN was not added to the outgoing account, but it was there for the server. To use Kerberos authentication, it requires SPN exists for the SQL server's service account. If SPN does not exist, it would switch to use NTLM authentication actually and so, user should still be able to authenticate and connect to the SQL server even no SPN exists. Sometimes it happens due to the SPN does exist but is added to a wrong container.
User-added image
ERROR:
==========================================================================================================================================================================================

error message "You cannot connect to SQL Server. Please make sure the Service Principal Name (SPN) for the SQL Server instance is valid." The problem seems relates to invalid SPN of the SQL server.
==========================================================================================================================================================================================


Workaround: Adding SPN to the right container for the outgoing account and fixes the issue.
User-added image

OR

User-added image

Go to Active Directory User and Computer and right click on the service account then go security tab add SELF to the Group and user names and allow write permission. Once it is done then go to Sql Server Configuration Manger to restart sql instance, it should fixes the issue.

Resolution: There is no resolution.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.