August 31, 2012 at 7:36 am
We have a domain ID that was created under a particular name and then renamed in AD under the same SID. Occasionally SQL starts to resolve login attempts under the old name instead on the new name. So application login attempts fail. I can verify this is happening by doing the following...
1. Open the new login dialog box and click on search.
2. Type in Domain\NewDomainName and click on Check Names.
3. The correct ID (the new name) is displayed.
4) Click OK
5) The incorrect ID (the old name) is displayed.
If I then type in the correct ID name and click OK, the correct new name is added to the login list. The login attempt to the application is then successful.
The problem is resolved for several days and then it reoccurs.
The current suggestion in my group is to reboot the boxes, but I can't get downtime for a couple of weeks. The environment is a 3+1 cluster on 4 64-bit boxes.
Anybody have any ideas on what the root cause of this could be?
Thanks for any help
August 31, 2012 at 10:03 am
Yes, SQL Server does seem to "sticky-cache" a lot of the AD security information for a long time. Rebooting your server is probably the recommended way to fix that.
Alternatively, you could try removing the Login from SQL Server and then re-adding it. That might work, but it might also be more trouble than it's worth.
[font="Times New Roman"]-- RBarryYoung[/font], [font="Times New Roman"] (302)375-0451[/font] blog: MovingSQL.com, Twitter: @RBarryYoung[font="Arial Black"]
Proactive Performance Solutions, Inc. [/font][font="Verdana"] "Performance is our middle name."[/font]
August 31, 2012 at 10:13 am
Thanks for the info. "sticky-cache" does seem like a pretty appropriate description of this AD behavior.
I had tried removing the ID and readding it, but unfortunately that didn't resolve the sticky-ness. 🙂
August 31, 2012 at 10:53 am
I rarely recommend it, but in this case I would try rebooting too.
This thread has a lot of the same symptoms: http://www.sqlservercentral.com/Forums/Topic1328455-1550-1.aspx
There are no special teachers of virtue, because virtue is taught by the whole community.
--Plato
August 31, 2012 at 12:19 pm
That thread does sound like the same thing.
Thanks for your help! For some reason, it's a little comforting to know that someone else seems to be experiencing the same thing.
October 24, 2012 at 8:53 am
We did get an approval for a reboot and that solved the issue.
October 24, 2012 at 9:04 am
Good to know, thanks for posting back the resolution.
There are no special teachers of virtue, because virtue is taught by the whole community.
--Plato
Viewing 7 posts - 1 through 6 (of 6 total)
You must be logged in to reply to this topic. Login to reply