Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 2 replies
  • Subscribers 2 subscribers
  • Views 1922 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cant Start Management Console

JTHoB

Hi everyone,

I just installed the new Sophos Endpoint but cant get it up and running and could use some assistance.

This is the error I get when i try to start the Management Service

"Cannot open database "SOPHOS50" requested by the login. The login failed. "

from the KB i found this article http://www.sophos.com/support/knowledgebase/article/111898.html

which tells me to run a sql command. Unfortunately when I do so, i get the following error:

"Msg 15098, Level 16, State 1, Server Server\SOPHOS, Line 1
The name change cannot be performed because the SID of the new name does not match the old SID of the principal. "

Can anyone assist me in solving this problem?

Thanks in advance

:24297


This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    Looks like the Windows group to SQL login is off.  Try the following commands, replacing "CONTEXTOFGROUP" to be the machine name (NETBIOS) if the "Sophos DB Admins" group is a local group.  If the group is a domain group then it would be the domain name, for example if SEC was installed on a DC.  Note the square brackets should be used.  I've also assumed you are using a SOPHOS named SQL instance.

    Drop Login

    sqlcmd -E -S .\sophos -Q "DROP LOGIN [CONTEXTOFGROUP\Sophos DB Admins]"

    E.g.

    sqlcmd -E -S .\sophos -Q "DROP LOGIN [SERVERA\Sophos DB Admins]"

    Create Login

    sqlcmd -E -S .\sophos -Q "CREATE LOGIN [CONTEXTOFGROUP\Sophos DB Admins] FROM WINDOWS"

    E.g.

    sqlcmd -E -S .\sophos -Q "CREATE LOGIN [SERVERA\Sophos DB Admins] FROM WINDOWS"

    Re-map

    sqlcmd -E -S .\sophos -d sophos50 -i "C:\ResetUserMappings.sql"
    sqlcmd -E -S .\sophos -d sophospatch -i "C:\ResetUserMappings.sql"

    where C:\ResetUserMappings.sql should contain:

    DECLARE @user_name NVARCHAR(128); 
SET @user_name = (SELECT TOP(1)
         [name] 
      FROM 
         sys.database_principals 
      WHERE 
         [name] LIKE '%Sophos DB Admins');
DECLARE @login_name NVARCHAR(128); 
SET @login_name = (SELECT TOP(1)
         [name] 
      FROM 
         sys.server_principals 
      WHERE 
         [name] LIKE '%Sophos DB Admins'); 
DECLARE @sql NVARCHAR(max);
SET @sql = N'ALTER USER [' + @user_name + N'] WITH LOGIN = [' 
+ @login_name + N']';
EXEC sp_executesql @stmt = @sql;

    This is taken from the SEC 5 migration guide:
    http://www.sophos.com/sophos/docs/eng/migration/sec_50_mgeng.pdf  


    I can only assume that the Sophos DB Admins group was removed and re-creatred at some point.

    Hope it helps.

    Regards,

    Jak 

    :24299
Reply
  • 0

    Hi,

    Looks like the Windows group to SQL login is off.  Try the following commands, replacing "CONTEXTOFGROUP" to be the machine name (NETBIOS) if the "Sophos DB Admins" group is a local group.  If the group is a domain group then it would be the domain name, for example if SEC was installed on a DC.  Note the square brackets should be used.  I've also assumed you are using a SOPHOS named SQL instance.

    Drop Login

    sqlcmd -E -S .\sophos -Q "DROP LOGIN [CONTEXTOFGROUP\Sophos DB Admins]"

    E.g.

    sqlcmd -E -S .\sophos -Q "DROP LOGIN [SERVERA\Sophos DB Admins]"

    Create Login

    sqlcmd -E -S .\sophos -Q "CREATE LOGIN [CONTEXTOFGROUP\Sophos DB Admins] FROM WINDOWS"

    E.g.

    sqlcmd -E -S .\sophos -Q "CREATE LOGIN [SERVERA\Sophos DB Admins] FROM WINDOWS"

    Re-map

    sqlcmd -E -S .\sophos -d sophos50 -i "C:\ResetUserMappings.sql"
    sqlcmd -E -S .\sophos -d sophospatch -i "C:\ResetUserMappings.sql"

    where C:\ResetUserMappings.sql should contain:

    DECLARE @user_name NVARCHAR(128); 
SET @user_name = (SELECT TOP(1)
         [name] 
      FROM 
         sys.database_principals 
      WHERE 
         [name] LIKE '%Sophos DB Admins');
DECLARE @login_name NVARCHAR(128); 
SET @login_name = (SELECT TOP(1)
         [name] 
      FROM 
         sys.server_principals 
      WHERE 
         [name] LIKE '%Sophos DB Admins'); 
DECLARE @sql NVARCHAR(max);
SET @sql = N'ALTER USER [' + @user_name + N'] WITH LOGIN = [' 
+ @login_name + N']';
EXEC sp_executesql @stmt = @sql;

    This is taken from the SEC 5 migration guide:
    http://www.sophos.com/sophos/docs/eng/migration/sec_50_mgeng.pdf  


    I can only assume that the Sophos DB Admins group was removed and re-creatred at some point.

    Hope it helps.

    Regards,

    Jak 

    :24299
Children
No Data