search cancel

SoftwarePackageManagementService, CreatePackage method throwing error when SMP is using non default Agent Connectivity Credentials

book

Article ID: 162586

calendar_today

Updated On:

Products

Software Management Solution

Issue/Introduction

Problem Description:
Customer is utilizing the SoftwarePackageManagementService ASDK page, CreatePackage method to create a software package and associate it to a software release.

Steps to Reproduce:

  • Under Settings > Agents/Plug-ins > Global Settings - tick use these credentials and enter a domain user account.  This account should not have any access to the Symantec CMDB as it normally would not.
  • Using the SMP console create a new software release with no software package:
    • Navigate to Manage > Software Catalog
    • When the Software Catalog opens choose Add > Software Release
    • Give it a name, Version, and assign a company.  Click on OK to save without going to the package section.
  • Navigate to Manage > All Resources - Organizational Views > Default > All resources > Software Component > Software Release
  • Find the newly created software release and right click it.  Choose properties.
  • Copy the GUID to use later in the SoftwareResourceGuid section.
  • Open:  http://localhost/altiris/asdk.smf/SoftwarePackagemanagementservice.asmx?op=CreatePackage
  • Entered the following information (below for reference),

https://symantecb2b--c.na32.content.force.com/servlet/rtaImage?eid=aBg38000000gGbR&feoid=00N500000032t8r&refid=0EM38000000DdOh

  • Press “Invoke” and notice the error thrown.
  • View the log entry on the SMP and notice the Inner Exception is referencing the ACC account?  We are assuming this is not supposed to happen.
  • Navigate to Manage > All Resources - Organizational Views > Default > All resources > Package.
  • Notice that the software package was indeed created.  However, right click on the software package and highlight Action.  Notice that you have the option to assign to software resource?  When this does not error with this problem, the assign to software resource is not something available because it's successfully associated. 

 

  • Now under Settings > Agents/Plug-ins > Global Settings - Choose Use Application Credentials.  Repeat the steps above and note no error is thrown.  Now right click on the software package and highlight Action.  Notice that you do not have the option to assign to software resource?


In addition, you can use the method to create a new package while still using the ACC.  This only seems to happen when you use a software resource GUID to associate the software release to the software package.

Failed to construct DatabaseContext object. Connection to database failed. ( Unhandled exception.  Type=Altiris.NS.Exceptions.DatabaseNotReadyException Msg=Failed to construct DatabaseContext object. Connection to database failed. Src=Altiris.NS
StackTrace=
   at Altiris.NS.ContextManagement.AdminDatabaseContext.ThrowDatabaseNotReadyException(String exceptionDetails, Exception innerException)
   at Altiris.Database.DatabaseContext`1.Initialize(Boolean beginTransaction, IsolationLevel isolationLevel)
   at Altiris.Database.DatabaseContext`1.GetContext(ContextTransactionMode tmode, Nullable`1 isolationLevel, Boolean independentContext)
   at Altiris.Resource.ResourceAssociations.LoadBulk(Guid resourceGuid, Boolean isParent, ICollection`1 resourceAssociationTypes, ItemLoadFlags resourceDataItemsLoadFlags)
   at Altiris.Resource.ResourceData.InitialiseParentResourceAssociations()
   at Altiris.Resource.ResourceData.get_ParentResourceAssociations()
   at Altiris.SoftwareManagement.Resources.SoftwarePackageResource.get_SoftwareInstallationFiles()
   at Altiris.SoftwareManagement.SoftwareManagementHelper.GenerateComponentKeys(Guid packageGuid, SoftwareComponentResource& SoftwareComponent)
   at Altiris.SoftwareManagement.Resources.SoftwarePackageResource.PostCreatePackage(Guid guidPackage, SoftwareComponentResource& softwareResource, Boolean bGenerateCmdLines, Boolean bSoftwareResourceReadOnly)
   at Altiris.SoftwareManagement.Resources.SoftwarePackageResource.PostCreatePackage(Guid guidPackage, Guid guidSoftwareResource, Boolean bGenerateCmdLines, Boolean bSoftwareResourceReadOnly)
   at Altiris.ASDK.SMF.SoftwarePackageManagementLib.CreatePackage(String Name, String Description, Guid SoftwareResourceGuid, Int32 PackageSourceType, String PackageLocation, String PackageFolder, String InstallationFile, Boolean AutoGenerateCommandLines)
 
Inner exception.  Type=Altiris.NS.Exceptions.AeXException Msg=Failed to open database connection. Current user is <ACC user name>. Error: Login failed for user '<ACC user name>'. Src=Altiris.NS StackTrace=   at Altiris.NS.Utilities.DbUtils.OpenConnection(SqlConnection dbConn)
   at Altiris.NS.Utilities.DbUtils.CreateConnection(String server, String catalog, String user, String password)
   at Altiris.NS.ContextManagement.AdminDatabaseContext.OpenDbConnection()
   at Altiris.Database.DatabaseContext`1.Initialize(Boolean beginTransaction, IsolationLevel isolationLevel)
 
Inner exception.  Type=System.Data.SqlClient.SqlException Msg=Login failed for user 'MS\stg_altacc1'. Src=.Net SqlClient Data Provider StackTrace=   at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
   at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
   at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
   at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
   at System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)
   at System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover)
   at System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout)
   at System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance)
   at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData)
   at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
   at System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnectionPool pool, DbConnection owningObject, DbConnectionOptions options, DbConnectionPoolKey poolKey, DbConnectionOptions userOptions)
   at System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection)
   at System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection)
   at System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal& connection)
   at System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection)
   at System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection)
   at System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
   at System.Data.SqlClient.SqlConnection.TryOpenInner(TaskCompletionSource`1 retry)
   at System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry)
   at System.Data.SqlClient.SqlConnection.Open()
   at Altiris.NS.Utilities.DbUtils.OpenConnection(SqlConnection dbConn) )
**CEDUrlStart** :http://entced.symantec.com/entt?product=SMP&version=7.6.1383.0&language=en&module=66+T9+RCgs2Jzf6H1yCL/ajzdk7JdnsWkuADfqwM9mmNRrQza4rDRSOcA70HCBvW&error=-1591251261&build=**CEDUrlEnd**
-----------------------------------------------------------------------------------------------------
Date: 10/28/2015 4:08:19 PM, Tick Count: 890824755 (10.07:27:04.7550000), Host Name: xxxxxxx, Size: 6.69 KB
Process: w3wp (11904), Thread ID: 439, Module: w3wp.exe
Priority: 1, Source: Altiris.ASDK.SMF.Web.SoftwarePackageManagementService.CreatePackage
File: E:\Program Files\Altiris\Notification Server\Logs\a.log


 

Cause

Unknown

We have specific user who has rights to access package source locations (especially UNC), but in this case user has no rights to modify NS items.
Fixed by moving impersonation block to affect only file system operations,

Resolution

None at this time.
This has been referred to our Developers for review
.

Fixed in:

ETrack 3877145 - 7.6 HF7
ETrack 3879514 - 7.6 no HF
ETrack 3877284 - 8.0

Attachments

rtaImage.png get_app