This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cant Start Management Console

JTHoB over 13 years ago

Hi everyone,

I just installed the new Sophos Endpoint but cant get it up and running and could use some assistance.

This is the error I get when i try to start the Management Service

"Cannot open database "SOPHOS50" requested by the login. The login failed. "

from the KB i found this article http://www.sophos.com/support/knowledgebase/article/111898.html

which tells me to run a sql command. Unfortunately when I do so, i get the following error:

"Msg 15098, Level 16, State 1, Server Server\SOPHOS, Line 1
The name change cannot be performed because the SID of the new name does not match the old SID of the principal. "

Can anyone assist me in solving this problem?

Thanks in advance

This thread was automatically locked due to age.

0 jak over 13 years ago
Hi,

Looks like the Windows group to SQL login is off. Try the following commands, replacing "CONTEXTOFGROUP" to be the machine name (NETBIOS) if the "Sophos DB Admins" group is a local group. If the group is a domain group then it would be the domain name, for example if SEC was installed on a DC. Note the square brackets should be used. I've also assumed you are using a SOPHOS named SQL instance.

Drop Login

sqlcmd -E -S .\sophos -Q "DROP LOGIN [CONTEXTOFGROUP\Sophos DB Admins]"

E.g.

sqlcmd -E -S .\sophos -Q "DROP LOGIN [SERVERA\Sophos DB Admins]"

Create Login

sqlcmd -E -S .\sophos -Q "CREATE LOGIN [CONTEXTOFGROUP\Sophos DB Admins] FROM WINDOWS"

E.g.

sqlcmd -E -S .\sophos -Q "CREATE LOGIN [SERVERA\Sophos DB Admins] FROM WINDOWS"

Re-map

sqlcmd -E -S .\sophos -d sophos50 -i "C:\ResetUserMappings.sql"
sqlcmd -E -S .\sophos -d sophospatch -i "C:\ResetUserMappings.sql"

where C:\ResetUserMappings.sql should contain:

DECLARE @user_name NVARCHAR(128); SET @user_name = (SELECT TOP(1) [name] FROM sys.database_principals WHERE [name] LIKE '%Sophos DB Admins'); DECLARE @login_name NVARCHAR(128); SET @login_name = (SELECT TOP(1) [name] FROM sys.server_principals WHERE [name] LIKE '%Sophos DB Admins'); DECLARE @sql NVARCHAR(max); SET @sql = N'ALTER USER [' + @user_name + N'] WITH LOGIN = [' + @login_name + N']'; EXEC sp_executesql @stmt = @sql;

This is taken from the SEC 5 migration guide:
http://www.sophos.com/sophos/docs/eng/migration/sec_50_mgeng.pdf

I can only assume that the Sophos DB Admins group was removed and re-creatred at some point.

Hope it helps.

Regards,

Jak
:24299
Cancel
Vote Up 0 Vote Down

Cancel
0 A_K over 13 years ago
Hi JTHoB,
Alternatively try teh steps below.
In the event that the above has not resolved your issue, please contact support for further assistance.
Remove the user from the instance using the command (edit the DOMAINNAME to be the domainname or servername depending on the location of the Sophos DB Admins group):

sqlcmd -E -S .\Sophos -Q "IF EXISTS (SELECT * FROM sys.server_principals WHERE name = N'DOMAINNAME\Sophos DB Admins')DROP LOGIN [DOMAINNAME\Sophos DB Admins]"

Re-add the user using the sql command:

sqlcmd -E -S .\Sophos -Q "CREATE LOGIN [DOMAINNAME\Sophos DB Admins] FROM WINDOWS WITH DEFAULT_DATABASE=[master], DEFAULT_LANGUAGE=[us_english]"

Reinstall the Sophos databases using the scripts:

C:\Sec50\ServerInstaller\DB\Core\InstallDB.bat
C:\Sec50\ServerInstaller\DB\Patch\CreatePatchDB.bat

For instructions on running these scripts, please see article 116768 Creating the Sophos databases using the command line tools
Complete the upgrade and transfer of data to the new databases by running the command:

C:\Program Files\Sophos\Enterprise Console\upgradedb.exe -debug

For instructions on running this script, please see article 65420: Using the UpgradeDB.exe tool

Start the Sophos Management Service and Sophos Management Host Service
:24317
Cancel
Vote Up 0 Vote Down

Cancel