Error message meaning
[html]
This means code is throwing an unhandled exception.
[/html]
Debug
- Event Viewer -> Windows Logs -> Application
[html]Login failed for user ‘domain\user$’. Reason: Token-based server access validation failed with an infrastructure error. Check for previous errors. [CLIENT: 10.10.10.10][/html] - Error message meaning
[html]
1. It would come for windows accounts only.
2. If you are seeing $ in the user name, then it is a machine account / computer account. This mostly happens when a “service” running on the remote machine is connecting to SQL.
3. If you are not seeing $ in the user name, then it is a user account.
[/html]
Solutions
- If you are seeing login failure for machine account, then you may want to give permission to machine account. You need to run T-SQL like below (replace domain and machine name)
[sql]
CREATE LOGIN [\ $] FROM WINDOWS
[/sql] - If it’s a windows domain user account, then it needs to have connect permission
[sql]
GRANT CONNECT SQL TO [DOMAIN\User]
[/sql] - If few cases, account is part of a group (or many groups) then you need to make sure there is no “DENY” permission inherited via group membership.
[sql]
SELECT sp.[name],sp.type_desc
FROM sys.server_principals sp
INNER JOIN sys.server_permissions PERM ON sp.principal_id = PERM.grantee_principal_id
WHERE PERM.state_desc = ‘DENY’
[/sql] - If the message only comes with local connectivity and same account works fine remotely then it could be a UAC issue. This means that Elevation is required to connect properly, but you do not see any of the normal prompts to elevate. To use elevation (while launching the SSMS to connect to a locally running instance of SQL) Right click->Select “Run as administrator”.
Leave a Reply