mssql receiving login failure issue

Woo nini 1 Reputation point
2021-07-14T03:03:34.34+00:00

I would like to ask for help about mssql receiving login failure issue:
the application server is using windows authentication to connect database server.
Sometimes application server fails to connect few databases server. This failure login happened about the same time frame, which is rarely happened in the past.

The impacted server as below:

  1. Application server (using Windows authentication - "domain/serverName$" to connect database server)

Database server:

  1. Primary database server (AlwaysOn) - application connection string is using "listener" to connect
  2. Secondary database server (AlwaysOn) - application connection string is using alias name which configured on DNS server
  3. Publisher database server (Transactional Replication) - application connection string is using alias name which configured on DNS server

the error message as below:

Error: 17806, Severity: 20, State: 14.
SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure. The logon attempt failed [CLIENT: -]

Logon Error: 18452, Severity: 14, State: 1. 2021-06-13 19:01:11.45 Logon Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. [CLIENT: -]

SQL Server
SQL Server
A family of Microsoft relational database management and analysis systems for e-commerce, line-of-business, and data warehousing solutions.
12,756 questions

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Seeya Xi-MSFT 16,441 Reputation points
    2021-07-14T07:54:14.267+00:00

    Hi @Woo nini ,

    Error: 17806, Severity: 20, State: 14.
    It may be caused by Kerberos failure, which would most likely be related to non-existent SPN or bad SPN for SQL Server.
    Also, make sure that the server is configured correctly with the Windows Domain and Active Directory.
    Error: 18452, Severity: 14, State: 1.
    Reason behind error 18452 is because of wrong security authentication mode configuration. SQL Server is set to accept only windows logins to connect to database instance.

    And refer to this article about how to fix it.

    Best regards,
    Seeya

    If the response is helpful, please click "Accept Answer" and upvote it, as this could help other community members looking for similar queries.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments
  2. Woo nini 1 Reputation point
    2021-07-14T11:04:40.287+00:00

    Hi SeeyaXi-msft,
    Thanks for your feedback

    Error: 17806, Severity: 20, State: 14.
    The login failure is not happen frequently. Today the IIS from the application server failed connect to Publisher database server (Transactional Replication) again, the IIS also showing the same error message "Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.". At the event viewer > Security from Active Directory, the log show the event ID is "4776", the information shown on "active-directory-event-viewer.png"

    114528-active-directory-event-viewer.png

    Error: 18452, Severity: 14, State: 1.
    The server authentication set to "SQL Server and Windows Authentication mode"

    0 comments
  3. Seeya Xi-MSFT 16,441 Reputation points
    2021-07-15T02:32:22.707+00:00

    Hi @Woo nini ,

    Did you check if the SPN issue?
    You can follow this article to confirm it.

    0 comments