System Center Operations manager is a pretty nice monitoring and management application, but it is also a complex application that can be very difficult to configure and troubleshoot. Recently, after some account clean-up, we started receiving login failure pop-up windows when trying to run some reports inside the interface. This happened to coincide with a password change, so we thought for sure it was just a password issue – boy were we wrong.
After months of troubleshooting, we finally had a breakthrough today. Previous attempts of resetting passwords, reconfiguring Run As accounts and profiles, applying hotfixes and service packs, the answer came to us. A colleague was able to narrow down the issue specifically to this Event Viewer entry:
Log Name: Operations Manager Source: OpsMgr SDK Service Date: 6/2/2011 10:45:04 AM Event ID: 26319 Task Category: None Level: Error Keywords: Classic User: N/A Computer: SERVER Description: An exception was thrown while processing GetDataWarehouseMonitoringObjectsByRowId for session id uuid:54910ec9-1832-4399-9864-a2fd482aa340;id=863. Exception Message: The creator of this fault did not specify a Reason. Full Exception: System.ServiceModel.FaultException`1[Microsoft.EnterpriseManagement.Common.UnknownDatabaseException]: The creator of this fault did not specify a Reason. (Fault Detail is equal to Login failed for user 'SCOMUser'.).
That’s obviously a SQL error, however, we had quadruple checked that the Data Warehouse account (we knew these was the run as credential it was using, because we changed the case of the user to ‘SCOmuser’ and the error message changed with that same case) was configured to use the proper SCOMUser domain account, and that the domain account had a proper login and permissions to the databases. Furthermore, after enabling SQL login auditing, we received the following message:
Log Name: Application Source: MSSQLSERVER Date: 6/2/2011 2:22:36 PM Event ID: 18456 Task Category: Logon Level: Information Keywords: Classic,Audit Failure User: N/A Computer: SERVER Description: Login failed for user 'SCOMUser'. Reason: Could not find a login matching the name provided. [CLIENT: ]
What finally occurred to me was that it was not passing the domain as part of the login, rather, it was attempting to use SCOMUser as a SQL account, and not a windows account. By clicking properties on the Data Warehouse Action Account, going to the Distribution tab, and selecting the “Where is this credential used?” link, we found that it was being used by the “Reporting SDK SQL SQL Authentication Account” profile. Obviously, it being a Windows account was the reason SCOM was not passing the domain.
To correct the issue, we re-associated the Reporting SDK SQL Authentication Account with the appropriate run as credential. After doing so, the pop-up errors are gone!