SSPI handshake failed with error code 0x8009030c w

2019-03-15 09:08发布

问题:

I get the following error while trying to connect to SQL Server 2005 using JDBC connection.

 Error: 17806, Severity: 20, State: 2.
 Logon       SSPI handshake failed with error code 0x8009030c while establishing 
             a connection with integrated security; the connection has been 
             closed. [CLIENT: 127.0.0.1]
 Logon       Error: 18452, Severity: 14, State: 1.
 Logon       Login failed for user ''. The user is not associated with a trusted 
             SQL Server connection. [CLIENT: 127.0.0.1]

MY connection URL:

jdbc:sqlserver://LOCALHOST:1433;DatabaseName=master;integratedSecurity=true

回答1:

The key to this issue, for me at least, is the fact that the connection to SQL Server is being made over the loopback interface (127.0.0.1). I had the same symptoms, and found the answer in this blog post.

To summarise: there is a loopback check taking place which causes trusted connections via the loopback adapter to fail. This check can be removed by adding a registry entry as follows:

  1. Edit the registry using regedit. (start –> run … Regedit )
  2. Browse to : HKLM\System\CurrentControlSet\Control\LSA
  3. Add a DWORD value called “DisableLoopbackCheck”
  4. Set this value to 1

I rebooted after making this change, just to be sure, but you may find that this is not necessary. After this registry change was effected, I could make trusted connections via the loopback adapter.

Kudos to the Blackhawk Consulting Blog for pointing me in the right direction on this issue.



回答2:

I also had this problem, and the cause was simple: my domain user's password had expired, so the credentials had been revoked.

As it happened, I had also left SQL Management Studio open so it generated errors like these every 2-3 minutes until I changed my domain password.



回答3:

Had the same exact message with this 0x8009030c code.

In my case, the user didn't have access to the sql computer from the network and I had a failure audit message indicating that (I think the same message also happens in other cases).

Go to: Local Security Policy -> Security Settings -> Local Policies -> User Rights Assignment -> Access this computer from the network -> add the user

It fixed the problem



回答4:

Using Microsoft's err.exe

C:\>err 0x8009030c
# for hex 0x8009030c / decimal -2146893044 :
  SEC_E_LOGON_DENIED                                            winerror.h
# The logon attempt failed
# 1 matches found for "0x8009030c"

A DC will deny a login for many different reasons, including intermittent connectivity failures to a DC.



回答5:

Another cause can be if the account is locked out. We had this due to a rogue service running every half hour with the wrong password. The account was a service account and set to unlock itself after a few minutes where this occurred so it was quite difficult to track down.