Upgrade to 2.1 - Cannot connect to Base Monitor Service

cjlotz · January 4, 2011 1:24AM

Hi

After upgrading to 2.1 SQL Monitor cannot connect to the Base Monitor service. It is giving me a The credentials supplied to the package were not recognized error. I've gone through all the documentation to verify that the accounts are setup correctly but the problem still persists.

Our setup is both the Web server and Base Monitor running on the same WS 2008 R2 server. The Web Server is running in IIS. I've verified that the Base Monitor Service is running and using the Windows Account that has db_owner permissions on the Data Repository.

I had a look at the log files and the only errors I get in the event log are:

Log Name:      Red Gate Software
Source:        SQL Monitor 2
Date:          2011/01/04 07:56:52 AM
Event ID:      0
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      Prods-TFS.pragma.co.za
Description:
2011-01-04 05:56:52,712 &#91;6&#93; ERROR RedGate.Response.Common.Networking.Server.AsynchronousSocketListener &#91;&#40;null&#41;&#93; - System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---&gt; System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
   at System.Net.Sockets.Socket.Receive&#40;Byte&#91;&#93; buffer, Int32 offset, Int32 size, SocketFlags socketFlags&#41;
   at System.Net.Sockets.NetworkStream.Read&#40;Byte&#91;&#93; buffer, Int32 offset, Int32 size&#41;
   --- End of inner exception stack trace ---
   at System.Net.Sockets.NetworkStream.Read&#40;Byte&#91;&#93; buffer, Int32 offset, Int32 size&#41;
   at System.Net.FixedSizeReader.ReadPacket&#40;Byte&#91;&#93; buffer, Int32 offset, Int32 count&#41;
   at System.Net.Security.SslState.StartReceiveBlob&#40;Byte&#91;&#93; buffer, AsyncProtocolRequest asyncRequest&#41;
   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive&#40;ProtocolToken message, AsyncProtocolRequest asyncRequest&#41;
   at System.Net.Security.SslState.StartSendBlob&#40;Byte&#91;&#93; incoming, Int32 count, AsyncProtocolRequest asyncRequest&#41;
   at System.Net.Security.SslState.ProcessReceivedBlob&#40;Byte&#91;&#93; buffer, Int32 count, AsyncProtocolRequest asyncRequest&#41;
   at System.Net.Security.SslState.StartReadFrame&#40;Byte&#91;&#93; buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest&#41;
   at System.Net.Security.SslState.StartReceiveBlob&#40;Byte&#91;&#93; buffer, AsyncProtocolRequest asyncRequest&#41;
   at System.Net.Security.SslState.ForceAuthentication&#40;Boolean receiveFirst, Byte&#91;&#93; buffer, AsyncProtocolRequest asyncRequest&#41;
   at System.Net.Security.SslState.ProcessAuthentication&#40;LazyAsyncResult lazyResult&#41;
   at System.Net.Security.SslStream.AuthenticateAsServer&#40;X509Certificate serverCertificate, Boolean clientCertificateRequired, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation&#41;
   at &#40;Object , X509Certificate , Boolean , SslProtocols , Boolean &#41;
   at #1jv.#nkv.#RLv&#40;Stream &#41;
   at #1jv.#0jv.#yco&#40;Socket &#41;

Event Xml:
&lt;Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"&gt;
  &lt;System&gt;
    &lt;Provider Name="SQL Monitor 2" /&gt;
    &lt;EventID Qualifiers="0"&gt;0&lt;/EventID&gt;
    &lt;Level&gt;2&lt;/Level&gt;
    &lt;Task&gt;0&lt;/Task&gt;
    &lt;Keywords&gt;0x80000000000000&lt;/Keywords&gt;
    &lt;TimeCreated SystemTime="2011-01-04T05:56:52.000Z" /&gt;
    &lt;EventRecordID&gt;242&lt;/EventRecordID&gt;
    &lt;Channel&gt;Red Gate Software&lt;/Channel&gt;
    &lt;Computer&gt;Prods-TFS.pragma.co.za&lt;/Computer&gt;
    &lt;Security /&gt;
  &lt;/System&gt;
  &lt;EventData&gt;
    &lt;Data&gt;2011-01-04 05:56:52,712 &#91;6&#93; ERROR RedGate.Response.Common.Networking.Server.AsynchronousSocketListener &#91;&#40;null&#41;&#93; - System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---&gt; System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
   at System.Net.Sockets.Socket.Receive&#40;Byte&#91;&#93; buffer, Int32 offset, Int32 size, SocketFlags socketFlags&#41;
   at System.Net.Sockets.NetworkStream.Read&#40;Byte&#91;&#93; buffer, Int32 offset, Int32 size&#41;
   --- End of inner exception stack trace ---
   at System.Net.Sockets.NetworkStream.Read&#40;Byte&#91;&#93; buffer, Int32 offset, Int32 size&#41;
   at System.Net.FixedSizeReader.ReadPacket&#40;Byte&#91;&#93; buffer, Int32 offset, Int32 count&#41;
   at System.Net.Security.SslState.StartReceiveBlob&#40;Byte&#91;&#93; buffer, AsyncProtocolRequest asyncRequest&#41;
   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive&#40;ProtocolToken message, AsyncProtocolRequest asyncRequest&#41;
   at System.Net.Security.SslState.StartSendBlob&#40;Byte&#91;&#93; incoming, Int32 count, AsyncProtocolRequest asyncRequest&#41;
   at System.Net.Security.SslState.ProcessReceivedBlob&#40;Byte&#91;&#93; buffer, Int32 count, AsyncProtocolRequest asyncRequest&#41;
   at System.Net.Security.SslState.StartReadFrame&#40;Byte&#91;&#93; buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest&#41;
   at System.Net.Security.SslState.StartReceiveBlob&#40;Byte&#91;&#93; buffer, AsyncProtocolRequest asyncRequest&#41;
   at System.Net.Security.SslState.ForceAuthentication&#40;Boolean receiveFirst, Byte&#91;&#93; buffer, AsyncProtocolRequest asyncRequest&#41;
   at System.Net.Security.SslState.ProcessAuthentication&#40;LazyAsyncResult lazyResult&#41;
   at System.Net.Security.SslStream.AuthenticateAsServer&#40;X509Certificate serverCertificate, Boolean clientCertificateRequired, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation&#41;
   at &#40;Object , X509Certificate , Boolean , SslProtocols , Boolean &#41;
   at #1jv.#nkv.#RLv&#40;Stream &#41;
   at #1jv.#0jv.#yco&#40;Socket &#41;
&lt;/Data&gt;
  &lt;/EventData&gt;
&lt;/Event&gt;

Can you please assist me in getting this working again.

Thx

dlkj · January 4, 2011 12:28PM

Hi,

Please try the following steps:

Open C:\ProgramData\Microsoft\Crypto\RSA or C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA in windows explorer

Right click on "MachineKeys" to bring up the properties dialog

Click on the Security tab

Remove all users except "Everyone" and "Administrators"

Edit the permissions for "Everyone" to Allow everything except Full Conrol

Click OK

Restart the Response Services

If the error still shows, repeat steps, but set "Everyone" to allow "Full control"

cjlotz · January 6, 2011 5:08AM

The issue is related to the account permissions for the identity under which the Application Pool for SQL monitor is running in IIS. When I change this a domain account with Administrator rights the issue disappears. However, ideally I don't want to run the App Pool using an administrator account. I have verified that the previous ApplicationPoolIdentity has the necessary rights on the SQL Monitor folder using icacls as described in your knowledge base. For now the site is running, but I still want to not use the Admin account.

Thx

Philw · January 6, 2011 5:47AM

Monitor will create a SSL key at first run, so once it has been created the permissions required should be less. It might be worth trying to reduce the permissions now that a key has been created?

Upgrade to 2.1 - Cannot connect to Base Monitor Service

Comments

Product Learning

Community Forums

Events & Friends

Simple Talk