MarkatLMFJ
IS-IT--Management
I'm trying to get WSUS going at my organization, we have limited internet bandwidth and over 100 computers, hitting Windows updates for all computers is really slowing us down.
I have 8 servers
- 2k3 Standard with Exchange, Domain Controller, good strong box, also file server and print server, not really a candidate for install
- 2k3 Standard running Pervasive SQL, not a candidate for other services
- 2k3 standard running Terminal Services in application mode; high user load, high memory usage, don't want to put WSUS services on here
- 2k3 standard - dedicated IIS server, not on AD and in DMZ, no internal network access, not a candidate
- 2k3 Standard - mostly dedicated IIS but on AD for Intranet purposes, want to use for front end; I do NOT want to install WMSDE or MSDE on this box. (Server A)
- 2k3 Standard - MS-SQL 2000 SP4, 3 GB of RAM (Yes I'm aware of the ram limitations and I inherited this system), would like to use this for the back end (Server B)
- 2k Standard - MS-SQL 2000 SP3a, 1gb of RAM, Limited HDD, SQL is limited runtime edition, high processor load from other services needed to support the SQL applications that the database system runs
- 2k Standard, 512MB Ram, P3 of some type, 9GB HDD free; very very very slow, not a good candidate but would be willing to use; cannot get .NET framework to install. Only thing this box does is act as a backup domain controller.
So first I ran the wsussetup utility on server A using the /f switch, chose the option for port 8530 so I don't wipe out the other site on the box, then to use local updates. Cool beans.
Next did wsussetup /b on server B, no problems here.
Ran the designated SQL scripts on server B and made the registry changes on server A.
When WSUS goes to access the SQL server, it gets an error about null is not a trusted connection.
----------
More on server B:
- SQL is running as a domain user (need that for the MAPI profile since we also use SQL Mail on there)
- the account SQL Server runs under has local admin rights, is trusted for delegation, Server A and B are also trusted for delegation
- On startup server B gives a warning about SPNRegister (below). I have run setSPN -A to add the sql service but I still get the error, have rebooted. setSPN -L shows the necessary entry (also below) --- I first had a problem when we changed to using a domain account with SSPI issues not working and all the windows authentication stopped, this was easily fixed with setSPN but I'm still getting the warning.
I'm at a complete loss about what else to try and would very much appreciate suggestiosn about how to get this working!
C:\Program Files\Resource Kit>setspn -L lmfjecomsql
Registered ServicePrincipalNames for CN=LMFJECOMSQL,OU=Servers,DC=lmfj,D
C=com:
MSSQLSvc/lmfjecomsql.lmfj.com:1433
HOST/LMFJECOMSQL
HOST/lmfjecomsql.lmfj.com
C:\Program Files\Resource Kit>
Event Type: Warning
Event Source: MSSQLServer
Event Category: (8)
Event ID: 19011
Date: 5/31/2006
Time: 9:59:18 PM
User: N/A
Computer: LMFJECOMSQL
Description:
SuperSocket info: (SpnRegister) : Error 8344.
For more information, see Help and Support Center at
Event Type: Information
Event Source: MSSQLSERVER
Event Category: (4)
Event ID: 17055
Date: 5/31/2006
Time: 10:07:53 PM
User: N/A
Computer: LMFJECOMSQL
Description:
18452 :
Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.
For more information, see Help and Support Center at Data:
0000: 14 48 00 00 0e 00 00 00 .H......
0008: 0c 00 00 00 4c 00 4d 00 ....L.M.
0010: 46 00 4a 00 45 00 43 00 F.J.E.C.
0018: 4f 00 4d 00 53 00 51 00 O.M.S.Q.
0020: 4c 00 00 00 07 00 00 00 L.......
0028: 6d 00 61 00 73 00 74 00 m.a.s.t.
0030: 65 00 72 00 00 00 e.r...
I have 8 servers
- 2k3 Standard with Exchange, Domain Controller, good strong box, also file server and print server, not really a candidate for install
- 2k3 Standard running Pervasive SQL, not a candidate for other services
- 2k3 standard running Terminal Services in application mode; high user load, high memory usage, don't want to put WSUS services on here
- 2k3 standard - dedicated IIS server, not on AD and in DMZ, no internal network access, not a candidate
- 2k3 Standard - mostly dedicated IIS but on AD for Intranet purposes, want to use for front end; I do NOT want to install WMSDE or MSDE on this box. (Server A)
- 2k3 Standard - MS-SQL 2000 SP4, 3 GB of RAM (Yes I'm aware of the ram limitations and I inherited this system), would like to use this for the back end (Server B)
- 2k Standard - MS-SQL 2000 SP3a, 1gb of RAM, Limited HDD, SQL is limited runtime edition, high processor load from other services needed to support the SQL applications that the database system runs
- 2k Standard, 512MB Ram, P3 of some type, 9GB HDD free; very very very slow, not a good candidate but would be willing to use; cannot get .NET framework to install. Only thing this box does is act as a backup domain controller.
So first I ran the wsussetup utility on server A using the /f switch, chose the option for port 8530 so I don't wipe out the other site on the box, then to use local updates. Cool beans.
Next did wsussetup /b on server B, no problems here.
Ran the designated SQL scripts on server B and made the registry changes on server A.
When WSUS goes to access the SQL server, it gets an error about null is not a trusted connection.
----------
More on server B:
- SQL is running as a domain user (need that for the MAPI profile since we also use SQL Mail on there)
- the account SQL Server runs under has local admin rights, is trusted for delegation, Server A and B are also trusted for delegation
- On startup server B gives a warning about SPNRegister (below). I have run setSPN -A to add the sql service but I still get the error, have rebooted. setSPN -L shows the necessary entry (also below) --- I first had a problem when we changed to using a domain account with SSPI issues not working and all the windows authentication stopped, this was easily fixed with setSPN but I'm still getting the warning.
I'm at a complete loss about what else to try and would very much appreciate suggestiosn about how to get this working!
C:\Program Files\Resource Kit>setspn -L lmfjecomsql
Registered ServicePrincipalNames for CN=LMFJECOMSQL,OU=Servers,DC=lmfj,D
C=com:
MSSQLSvc/lmfjecomsql.lmfj.com:1433
HOST/LMFJECOMSQL
HOST/lmfjecomsql.lmfj.com
C:\Program Files\Resource Kit>
Event Type: Warning
Event Source: MSSQLServer
Event Category: (8)
Event ID: 19011
Date: 5/31/2006
Time: 9:59:18 PM
User: N/A
Computer: LMFJECOMSQL
Description:
SuperSocket info: (SpnRegister) : Error 8344.
For more information, see Help and Support Center at
Event Type: Information
Event Source: MSSQLSERVER
Event Category: (4)
Event ID: 17055
Date: 5/31/2006
Time: 10:07:53 PM
User: N/A
Computer: LMFJECOMSQL
Description:
18452 :
Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.
For more information, see Help and Support Center at Data:
0000: 14 48 00 00 0e 00 00 00 .H......
0008: 0c 00 00 00 4c 00 4d 00 ....L.M.
0010: 46 00 4a 00 45 00 43 00 F.J.E.C.
0018: 4f 00 4d 00 53 00 51 00 O.M.S.Q.
0020: 4c 00 00 00 07 00 00 00 L.......
0028: 6d 00 61 00 73 00 74 00 m.a.s.t.
0030: 65 00 72 00 00 00 e.r...
