November 16, 2009 at 9:19 am
We are receiving pages because we have Severity 20 alerts set to page the DBAs...
Our company uses 2 domains (one for the production servers and one for everything else [including developers]). We allow both NT and sql authentication on the db servers.
All developers use sql logins to connect to the sql server because their local NT login is in a different domain and doesn't have access to the sql server. So...they login using sql logins and have access to the sql server via its IP on the network.
However, whenever a developer "accidentally" tries to connect to the database server using NT authentication (instead of their sql login), SQL Server throws a Severity 20 Alert and we get paged!!! I kind of understand why SQL sees it this way, but can anyone think of a way to SEv 20 alert for everything EXCEPT sspi handshake errors? sp_add_alert allows you to customize the alert for specific errors, but doesn't appear to allow to filter out specific errors.
Your help is much appreciated.
Jason
November 16, 2009 at 9:49 am
Hi Jason,
Do you not have any applications that use NT authentication into the database. If not, then it's not quite as big a deal, but you probably want to get the issue resolved rather than covering up the error. Every time I've run into this issue it's had to do with Kerberos authentication, which means you will probably need to set your SPN's manually, Microsoft has a good article on what causes this and how to fix it here. Hopefully that helps and isn't something you've already looked at 🙂 .
January 21, 2010 at 8:47 am
Thank you for the reply. I missed it until now due to an email issue 🙁
I have seen that article and it made my eyes roll back in my head 🙂
We don't have applications with this situation so it's not critical, just an annoyance.
I tried several ways to hack the system messages table/view to make this specific error a lower priority, but it appears impossible.
Instead, I worked with our email group to put smtp filters in place to capture these pager bound emails and reroute them to another address.
Thanks,
Jason
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply