Home
  •  

A security (SSPI) error occurred when connecting to another Service Broker, or Database Mirroring host

Microsoft.SQLServer.2012.A_security__SSPI__error_occurred_when_connecting_to_another_Service_Broker_or_Database_Mirroring_host_5_Rule (Rule)

Knowledge Base article:

Summary

When Service Broker transport security uses SSPI, the service account for the remote database must have CONNECT permission in master , and must also correspond to a login. Therefore, the account that the remote SQL Server instance runs as must have permission to log in to SQL Server using Windows Authentication. There are no requirements for the login to have other permissions or to own objects in any database.

Resolutions

Make sure that the service account for the remote database has CONNECT permission in master , and corresponds to a login.

Overrideable Parameters

Name

Description

Default Value

Enabled

Enables or disables the workflow.

Yes

Priority

Defines Alert Priority.

1

Severity

Defines Alert Severity.

2

Element properties:

TargetMicrosoft.SQLServer.2012.DBEngine
CategoryEventCollection
EnabledTrue
Event_ID9649
Event Source$Target/Property[Type="SQL!Microsoft.SQLServer.DBEngine"]/ServiceName$
Alert GenerateTrue
Alert SeverityError
Alert PriorityNormal
RemotableTrue
Alert Message
A security (SSPI) error occurred when connecting to another Service Broker, or Database Mirroring host
{0}
Event LogApplication
CommentMom2012ID='{C0356031-F1FD-4825-B76A-4C4AC05D3E17}';MOM2012GroupID={467ECC75-C5DA-42BD-955C-A73BBB51AF74}

Member Modules:

ID Module Type TypeId RunAs 
_F6DA1507_12AF_11D3_AB21_00A0C98620CE_ DataSource Microsoft.Windows.EventProvider Microsoft.SQLServer.SQLDefaultAccount
GenerateAlert WriteAction System.Health.GenerateAlert Default

Source Code:

<Rule ID="Microsoft.SQLServer.2012.A_security__SSPI__error_occurred_when_connecting_to_another_Service_Broker_or_Database_Mirroring_host_5_Rule" Target="SQL2012Core!Microsoft.SQLServer.2012.DBEngine" Enabled="true" ConfirmDelivery="true" Remotable="true" Comment="Mom2012ID='{C0356031-F1FD-4825-B76A-4C4AC05D3E17}';MOM2012GroupID={467ECC75-C5DA-42BD-955C-A73BBB51AF74}">

  <Category>EventCollection</Category>

  <DataSources>

    <DataSource ID="_F6DA1507_12AF_11D3_AB21_00A0C98620CE_" Comment="{F6DA1507-12AF-11D3-AB21-00A0C98620CE}" TypeID="Windows!Microsoft.Windows.EventProvider" RunAs="SQL!Microsoft.SQLServer.SQLDefaultAccount">

      <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>

      <LogName>Application</LogName>

      <Expression>

        <And>

          <Expression>

            <SimpleExpression>

              <ValueExpression>

                <XPathQuery>EventDisplayNumber</XPathQuery>

              </ValueExpression>

              <Operator>Equal</Operator>

              <ValueExpression>

                <Value>9649</Value>

              </ValueExpression>

            </SimpleExpression>

          </Expression>

          <Expression>

            <SimpleExpression>

              <ValueExpression>

                <XPathQuery>PublisherName</XPathQuery>

              </ValueExpression>

              <Operator>Equal</Operator>

              <ValueExpression>

                <Value>$Target/Property[Type="SQL!Microsoft.SQLServer.DBEngine"]/ServiceName$</Value>

              </ValueExpression>

            </SimpleExpression>

          </Expression>

        </And>

      </Expression>

    </DataSource>

  </DataSources>

  <WriteActions>

    <WriteAction ID="GenerateAlert" TypeID="SystemHealth!System.Health.GenerateAlert">

      <Priority>1</Priority>

      <Severity>2</Severity>

      <AlertMessageId>$MPElement[Name="Microsoft.SQLServer.2012.A_security__SSPI__error_occurred_when_connecting_to_another_Service_Broker_or_Database_Mirroring_host_5_Rule.AlertMessage"]$</AlertMessageId>

      <AlertParameters>

        <AlertParameter1>Event ID: $Data/EventDisplayNumber$. $Data/EventDescription$</AlertParameter1>

      </AlertParameters>

      <Suppression>

        <SuppressionValue/>

      </Suppression>

    </WriteAction>

  </WriteActions>

</Rule>