When Service Broker transport security uses SSPI, the service account for the remote database must have CONNECT permission in master , and must also correspond to a login. Therefore, the account that the remote SQL Server instance runs as must have permission to log in to SQL Server using Windows Authentication. There are no requirements for the login to have other permissions or to own objects in any database.
Make sure that the service account for the remote database has CONNECT permission in master , and corresponds to a login.
Name | Description | Default Value |
Enabled | Enables or disables the workflow. | Yes |
Priority | Defines Alert Priority. | 1 |
Severity | Defines Alert Severity. | 2 |
Target | Microsoft.SQLServer.2012.DBEngine | ||
Category | EventCollection | ||
Enabled | True | ||
Event_ID | 9649 | ||
Event Source | $Target/Property[Type="SQL!Microsoft.SQLServer.DBEngine"]/ServiceName$ | ||
Alert Generate | True | ||
Alert Severity | Error | ||
Alert Priority | Normal | ||
Remotable | True | ||
Alert Message |
| ||
Event Log | Application | ||
Comment | Mom2012ID='{C0356031-F1FD-4825-B76A-4C4AC05D3E17}';MOM2012GroupID={467ECC75-C5DA-42BD-955C-A73BBB51AF74} |
ID | Module Type | TypeId | RunAs |
---|---|---|---|
_F6DA1507_12AF_11D3_AB21_00A0C98620CE_ | DataSource | Microsoft.Windows.EventProvider | Microsoft.SQLServer.SQLDefaultAccount |
GenerateAlert | WriteAction | System.Health.GenerateAlert | Default |
<Rule ID="Microsoft.SQLServer.2012.A_security__SSPI__error_occurred_when_connecting_to_another_Service_Broker_or_Database_Mirroring_host_5_Rule" Target="SQL2012Core!Microsoft.SQLServer.2012.DBEngine" Enabled="true" ConfirmDelivery="true" Remotable="true" Comment="Mom2012ID='{C0356031-F1FD-4825-B76A-4C4AC05D3E17}';MOM2012GroupID={467ECC75-C5DA-42BD-955C-A73BBB51AF74}">
<Category>EventCollection</Category>
<DataSources>
<DataSource ID="_F6DA1507_12AF_11D3_AB21_00A0C98620CE_" Comment="{F6DA1507-12AF-11D3-AB21-00A0C98620CE}" TypeID="Windows!Microsoft.Windows.EventProvider" RunAs="SQL!Microsoft.SQLServer.SQLDefaultAccount">
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>Application</LogName>
<Expression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>9649</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>$Target/Property[Type="SQL!Microsoft.SQLServer.DBEngine"]/ServiceName$</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="GenerateAlert" TypeID="SystemHealth!System.Health.GenerateAlert">
<Priority>1</Priority>
<Severity>2</Severity>
<AlertMessageId>$MPElement[Name="Microsoft.SQLServer.2012.A_security__SSPI__error_occurred_when_connecting_to_another_Service_Broker_or_Database_Mirroring_host_5_Rule.AlertMessage"]$</AlertMessageId>
<AlertParameters>
<AlertParameter1>Event ID: $Data/EventDisplayNumber$. $Data/EventDescription$</AlertParameter1>
</AlertParameters>
<Suppression>
<SuppressionValue/>
</Suppression>
</WriteAction>
</WriteActions>
</Rule>