Connector Solution User rule import is failing, it shows the following error: [DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security error.

book

Article ID: 225667

calendar_today

Updated On:

Products

IT Management Suite

Issue/Introduction

When the customer is trying to run a Connector Solution User rule import, it shows the following error:

The import rule '02 - Detalhes do CI Usuario' failed. Error: [DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security error.

The NS logs shows the following full error:

An error occurred executing resource import rule: '02 - Detalhes do CI Usuario' (486a0709-f9c5-4a25-adc9-606d2cc6f70c)

[DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security error.
   [System.Data.OleDb.OleDbException @ Microsoft OLE DB Provider for SQL Server]
   at System.Data.OleDb.OleDbConnectionInternal..ctor(OleDbConnectionString constr, OleDbConnection connection)
   at System.Data.OleDb.OleDbConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningObject)
   at System.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup, DbConnectionOptions userOptions)
   at System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection)
   at System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
   at System.Data.ProviderBase.DbConnectionInternal.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory)
   at System.Data.OleDb.OleDbConnection.Open()
   at Altiris.Connector.DataSource.OleDbDataSource.GetColumns(Boolean bForImport)
   at Altiris.Connector.DataSource.DataSourceBaseItem.get_ImportColumns()
   at Altiris.Connector.ImportExportRules.ResourceImport.GenerateColumnsList(ResourceDataMapping mapping, IDataSource dataSource, String filterExpressionString, Boolean isChunked)
   at Altiris.Connector.ImportExportRules.ResourceImport.StartImport_Full(ResourceDataConnectorRule itemTask, ResourceDataMapping mapping, IDataSource dataSource, ResourceImportResults results, DateTime lastImportDt, Boolean bAllowResourceDeletes, Boolean bAllowResourceCreates, Boolean bAllowResourceUpdates, String[] trusteeMemberships, Guid retiredAssetStateGuid, Boolean bLoggingEnabled, Boolean bTestOnly)

Exception logged from: 
   at Altiris.Connector.ImportExportRules.ResourceImport.StartImport_Full(Altiris.Connector.ImportExportRules.ResourceDataConnectorRule, Altiris.Connector.ImportExportRules.ResourceDataMapping, Altiris.Connector.DataSource.IDataSource, Altiris.Connector.ImportExportRules.RunResults.ResourceImportResults, System.DateTime, Boolean, Boolean, Boolean, String[], System.Guid, Boolean, Boolean)
   at Altiris.Connector.ImportExportRules.ResourceImport.StartImport(Altiris.Connector.ImportExportRules.ResourceDataConnectorRule, Altiris.Connector.ImportExportRules.ResourceDataMapping, Altiris.Connector.DataSource.IDataSource, System.DateTime, Boolean, Boolean, Boolean, System.Guid, String[], Int32, Boolean, Boolean)
   at Altiris.Connector.ImportExportRules.ResourceDataConnectorRule.OnRunImportRule(Boolean)
   at Altiris.Connector.ImportExportRules.BaseDataConnectorRule.ExecuteTask(System.Collections.Hashtable, Altiris.NS.ItemTaskManagement.ItemTaskState)
   at Altiris.NS.TaskManagement.CoreTaskServiceThreadBase<T,TStartArgs>.ExecuteThreadProc(Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, Object)
   at System.Threading.ThreadHelper.ThreadStart(Object)

-----------------------------------------------------------------------------------------------------
Date: 07/10/2021 14:04:10, Tick Count: 1092935921 (12.15:35:35.9210000), Size: 3,94 KB
Process: AeXSvc (4932), Thread ID: 88, Module: Altiris.Connector.dll
Priority: 1, Source: Altiris.Connector.ImportExportRules.ResourceImport.StartImport_Full

Cause

The customer disabled TLS 1.0, leaving only TLS 1.1 and 1.2 enabled on both of the servers: SQL and SMP servers.

This is due to the SQLOLEDB provider not supporting TLS 1.2. If TLS 1.0 and TLS 1.1 are not present or enabled on the server it will break the provider's function, causing an error to appear. 

https://support.microsoft.com/en-us/topic/kb3135244-tls-1-2-support-for-microsoft-sql-server-e4472ef8-90a9-13c1-e4d8-44aad198cdbe

Environment

ITMS 8.5, 8.6

Resolution

To resolve this, Microsoft has published the MSOLEDSQL driver, which features backwards compatibility with SQLOLEDB and can be used as a replacement. To do this, download the driver from Microsoft and install it to the server, then change the connection string provider from SQLOLEDB to MSOLEDBSQL and recycle the site's application pool.
 

Attachments