Summary
Some users use their domain admin account to connect to the Deep Security Manager SQL database. After modifying the database credentials by editing the dsm.properties file, the service failed to start.
Details
The issue may have been caused by failed authentication due to these parameters: database.SqlServer.authenticationScheme=JavaKerberos and database.SqlServer.integratedSecurity=true.
To confirm the cause of the issue, review the server0.log under the Deep Security Manager's installation directory and check if it shows the following:
WARNING: ThID:16|TID:0|TNAME:Primary|UID:-1|UNAME:|Unable to connect to the database. Retrying in 10 seconds. com.microsoft.sqlserver.jdbc.SQLServerException: Cannot login with Kerberos principal sa, check your credentials. Kerberos Login failed: Integrated authentication failed. ClientConnectionId:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx due to javax.security.auth.login.LoginException (KrbException: Cannot locate default realm)
To resolve the issue:
- Go to Start > Run then type "services.msc".
- Stop the Trend Micro Deep Security Manager service.
- Go to the C:\Program Files\Trend Micro\Deep Security Manager\webclient\webapps\ROOT\WEB-INF folder and open the dsm.properties file.
- Change "database.SqlServer.integratedSecurity=true" to "database.SqlServer.integratedSecurity=false".
- Start the Trend Micro Deep Security Manager service.
