NTLMv2 for SQL authentication causes "HTTP Status 412" error in Deep Security Manager

Product / Version includes:

Deep Security9.6 , Deep Security10.1 , Deep Security10.0

Last updated: 2021/08/28

Solution ID: KA-0005953

Category: Troubleshoot

Summary

Deep Security Manager (DSM) web page returns the following error message when you try to log in:

HTTP Status 412 - The server failed to start. Please see the server0.log in the installation directory for more information

The server0.log shows the following entries:

Oct 28, 2015 11:29:43 AM com.thirdbrigade.manager.core.Core processInitDatabase
  WARNING: ThID:17|TID:0|TNAME:Primary|UID:-1|UNAME:|Unable to connect to the database. Retrying in 10 seconds.
  java.sql.SQLException: Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.
  at net.sourceforge.jtds.jdbc.SQLDiagnostic.addDiagnostic(SQLDiagnostic.java:372)
  at net.sourceforge.jtds.jdbc.TdsCore.tdsErrorToken(TdsCore.java:2820)
  at net.sourceforge.jtds.jdbc.TdsCore.nextToken(TdsCore.java:2258)
  at net.sourceforge.jtds.jdbc.TdsCore.login(TdsCore.java:603)
  at net.sourceforge.jtds.jdbc.ConnectionJDBC2.<init>(ConnectionJDBC2.java:352)
  at net.sourceforge.jtds.jdbc.ConnectionJDBC3.<init>(ConnectionJDBC3.java:50)
  at net.sourceforge.jtds.jdbc.Driver.connect(Driver.java:185)

Unfortunately, the issue still persists after performing the procedures in these articles:

Analyze the SQL Server ERROR.log if it contains the following entries:

2015-11-11 13:20:34.79 Logon Error: 17806, Severity: 20, State: 14.
  2015-11-11 13:20:34.79 Logon SSPI handshake failed with error code 0x80090302, 
  state 14 while establishing a connection with integrated security; 
  the connection has been closed. 
  Reason: AcceptSecurityContext failed. 
  The Windows error code indicates the cause of failure. [CLIENT: IP xxx.xxx.xxx.xxx]. 
  2015-11-11 13:20:34.79 Logon Error: 18452, Severity: 14, State: 1. 
  2015-11-11 13:20:34.79 Logon Login failed. 
  The login is from an untrusted domain and cannot be used with Windows authentication. [CLIENT: IP xxx.xxx.xxx.xxx]

The logs above show because DSM does not use NTLMv2 for SQL authentication by default. If you want to use NTLMv2, do the following:

Open the dsm.properties file.
Add the following line:
database.SqlServer.useNTLMv2=true
Save and close the dsm.properties file.
Restart the Deep Security Manager service.
If the issue persists, you may also need to restart the server.

If the issue still occurs after restarting the server, collect and send the following files to Trend Micro Technical Support:

server0.log
SQL Server ERROR.log
msinfo.nfo of SQL Server and DSM Server

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

NTLMv2 for SQL authentication causes "HTTP Status 412" error in Deep Security Manager

NTLMv2 for SQL authentication causes "HTTP Status 412" error in Deep Security Manager

Product / Version includes:

Summary