Error creating MS SQL Server Accounts

book

Article ID: 103384

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal

Issue/Introduction

We talk about the static OOTB "MS SQL" endpoint type (not a dynamic ConnXP custom one). 
When trying to add a "MS SQL Login" via an account template or not, it fails with the following error message: 
"Bad SQL Grammar: The transaction ended in the trigger. The batch has been aborted" 

Cause

We fail when running a "CREATE LOGIN" statement into a TRIGGER. 
Out Of The Box there is no trigger involved for this action.

Environment

IM r12.6.x version.
MS SQL server endpoint version is 2008 R2.

Resolution

Asked the DBA to check if a TRIGGER is involved when a "CREATE LOGIN" statement is issued.
Answered was yes.
There was a trigger executing on Create Login to check and validate the user author of the request.
They needed to add the IM MS SQL admin proxy user on their validated users list.