Do we need to open port 1433 for MS SQL discovery

moresr · ‎11-24-2015

Hi All,

I am discovering windows servers, Observed that mssql instance is created but not getting other attributes like version, edition, service pack, db catalog etc is not populated.

All windows server attributes data fetched successfully without any errors.

When I checked with DBA team , they are saying these servers are behind firewall.

So just want inputs is it necessary to open firewall ports for 1433 port rom MID server to SQL servers. I don't see anywhere mentioned in SNOW documentation?

Thx

SRM

mb_uk · ‎04-19-2017

Sudhir - did you manage to resolve this issue? We have the same problem (with the additional challenge of a different SQL port).

We're on Helsinki and have implemented all the pre-reqs (as far as I can tell). We have no successfully discovered databases to compare! Other Windows information (processes, software, cluster) is coming through OK. I'm also getting cmdb_ci_db_mssql_instance records (name of service and instance name only though). It seems the Windows - MSSQL probe is failing with error "Authentication failure with the local MID server service credential." The MID server service account is local admin on the SQL server and also currently has sa access to SQL. I can login as the MID server service account and navigate without issue within SQL Management studio.

Thanks in advance, MB.

moresr · ‎04-20-2017

Hi Mark,

Have you installed all pre-requisites including SMO lib on MID .

Are MID & SQL servers are in same AD domain?

If not try by adding MID Service account user to MS-SQL Server instance with proper role on the target Windows host.

Regards,

Sudhir

mb_uk · ‎04-26-2017

Sudhir,

Yes, I have the SMO and CLR components:

Plus .net (4.5 sincludes 4.0 on Windows 2012 R2):

Plus Powershell:

The MID server and SQL servers are on the same domain.

I'm not sure I understand your suggestion "If not try by adding MID Service account user to MS-SQL Server instance with proper role on the target Windows host." The MID server service account is local admin on the target host and has the SQL sa role.

Thanks, MB.

mb_uk · ‎08-07-2017

It turned out this issue was caused by an issue with our domain controllers. The RPC port had been restricted to one of the early high ports, there was a clash with the winint.exe process so the doamin controller was not able to respond to RPC authentication requests (required when using IP address instead of hostname, NTLM not kerberos). We changed the port reservation and can now map by IP address and discover databases.