New Enterprise Devolutions Server Deployment - Unable to auto-create users
New Enterprise Devolutions Server Deployment - Unable to auto-create users
Our setup is below.
1) Dedicated SQL 2016 server with ssl encryption enabled
2) Dedicated Devolutions Server on 2012 R2 IIS with SSL
3) AD Integration - AD Group Names = Role Names
When launching RDM as domain user (where that user is a member of an AD group that is mapped to a role), the user is denied access and no user is auto created. As soon as we manually create the user on the Devolutions side, everything works and the role permissions are applied. The option to auto-create users is selected. 
Not sure if this is related but we keep getting these messages from Devolutions.
Error:
SqlException - The UPDATE permission was denied on the object 'ConnectionLog', database 'DVLS', schema 'dbo'. at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction) at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose) at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady) at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString) at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async, Int32 timeout, Task& task, Boolean asyncWrite, SqlDataReader ds, Boolean describeParameterEncryptionRequest) at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, TaskCompletionSource`1 completion, Int32 timeout, Task& task, Boolean asyncWrite) at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(TaskCompletionSource`1 completion, String methodName, Boolean sendToPipe, Int32 timeout, Boolean asyncWrite) at System.Data.SqlClient.SqlCommand.ExecuteNonQuery() at Devolutions.Server.DatabaseManager.ExecuteNonQuery(String sql, IDbDataParameter[] parameters) in c:\Dev\devolutions11_5\Websites\Server\Common\Managers\DatabaseManager.cs:line 258 at Devolutions.Server.ConnectionLogManager.UpdateLogEntry(UpdateLogEntryEntity logEntry) in c:\Dev\devolutions11_5\Websites\Server\Common\Managers\ConnectionLogManager.cs:line 640 --- update dbo.ConnectionLog set EndDateTime = ?, EndDateTimeUTC = ?, ManualEndDateTime = ?, ManualClosedBy = ?, CloseMode = ?, ActiveTime = ?, ClosePrompt = ? where ID = ?
Source:
.Net SqlClient Data Provider
Error:
SqlException - The INSERT permission was denied on the object 'ConnectionLog', database 'DVLS', schema 'dbo'. at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction) at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose) at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady) at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString) at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async, Int32 timeout, Task& task, Boolean asyncWrite, SqlDataReader ds, Boolean describeParameterEncryptionRequest) at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, TaskCompletionSource`1 completion, Int32 timeout, Task& task, Boolean asyncWrite) at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(TaskCompletionSource`1 completion, String methodName, Boolean sendToPipe, Int32 timeout, Boolean asyncWrite) at System.Data.SqlClient.SqlCommand.ExecuteNonQuery() at Devolutions.Server.DatabaseManager.ExecuteNonQuery(String sql, IDbDataParameter[] parameters) in c:\Dev\devolutions11_5\Websites\Server\Common\Managers\DatabaseManager.cs:line 258 at Devolutions.Server.ConnectionLogManager.AddLogEntry(LogEntryEntity logEntry, String userInfoId, String userName) in c:\Dev\devolutions11_5\Websites\Server\Common\Managers\ConnectionLogManager.cs:line 89 --- INSERT INTO ConnectionLog ( [ID] ,[Username] ,[MachineName] ,[Message] ,[MessageType] ,[ConnectionName] ,[ConnectionTypeName] ,[ConnectionID] ,[ConnectionUserName] ,[StartDateTime] ,[EndDateTime] ,[StartDateTimeUTC] ,[EndDateTimeUTC] ,[GroupName] ,[CustomerID] ,[Comment] ,[LoggedUserName] ,[Prompt] ,[SecurityGroup] ,[Cost] ,[Data] ,[UserInfoID] ,[SupportClose] ,[CloseMode] ,[OpenMode] ,[HostName] ,[Application] ,[IsEmbedded] ) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)
Source:
.Net SqlClient Data Provider
All Comments (1)
Hello,
Could you please try to remove the Trusted Domain value and see if it helps for the Auto-create users?
About the error message, have you configured the Integrated Security on DVLS? If yes, could you please run the following SQL Statement? Please replace the user DONWHILL\RDMRunner with the proper username.GRANT INSERT, UPDATE, DELETE ON Connections TO [DOWNHILL\RDMRunner];
Best regards,
Érica Poirier