Data Center Security (DCS) Agent: Cluster Failover Fails with the Error "File Write Denied for SQLSERVR.EXE on D:\MSSQL12.MSSQLSERVER\MSSQL\Log\ERRORLOG"

book

Article ID: 170582

calendar_today

Updated On:

Products

Data Center Security Server Advanced

Issue/Introduction

A DCS agent has just been installed on an SQL Cluster and the Cluster Failover is failing with the error "File Write Denied for SQLSERVR.EXE on D:\MSSQL12.MSSQLSERVER\MSSQL\Log\ERRORLOG"

Allowing the SQLServer sandbox to write on D:\MSSQL12.MSSQLSERVER\MSSQL\Log\ERRORLOG doesn't fix the issue and the event "File Write Denied for SQLSERVR.EXE on D:\MSSQL12.MSSQLSERVER\MSSQL\Log\ERRORLOG" is still appearing

 "File Write Denied for SQLSERVR.EXE on D:\MSSQL12.MSSQLSERVER\MSSQL\Log\ERRORLOG"

Cause

Disk partitions are internally referred as harddisk volumes instead of the drive letters (C:, D: ). In DCS, paths are referred with respect to harddisk volumes.
For example,
“C:\Windows” gets converted to “\Device\HarddiskVolume2\Windows” in the translated local policy file.
 
When policy gets translated the drive letter is mapped to one harddisk volume.
So DCS is adding allow rules for that harddisk volume. But when failing over cluster it looks like it is referring to different harddisk volume.  Due to this files gets blocked.

Resolution

In this case allow the MSSQL Sandbox to write to "*\MSSQL11.INST1\MSSQL\Log\ERRORLOG" should fix the issue:

Attachments