RiskFabric Processing job step failure: Access is denied
search cancel

RiskFabric Processing job step failure: Access is denied


Article ID: 240260


Updated On:


Information Centric Analytics


Any or all of the nightly RiskFabric Processing job steps of type Operating system (CmdExec) fail and throw an error similar to the following:

The process could not be created for step <n> of job 0x9309FE9EE7E6794496873373CDCC1318 (reason: Access is denied). The step failed.

The job steps of type Operating system (CmdExec) and the executables they run are:

Step Name

Step Number



Metric Collector 22 RiskFabricCollector.exe N/A
Update DB Utility Versions 23 TaskRunner.exe TaskRunner.Tasks.Custom.DBUtilitiesVersionUpdater
Send License Expiration Notifications 25 TaskRunner.exe TaskRunner.Tasks.Custom.SecurityNewsletterEmailTask spExpiringLicenseNotificationCheck
Send Scenario Step Up Emails 26 TaskRunner.exe TaskRunner.Tasks.Custom.SecurityNewsletterEmailTask spGetStepUpEmails "" "" spUpdateStepUpEmailSent
Send Email Notifications 27 TaskRunner.exe TaskRunner.Tasks.Custom.SecurityNewsletterEmailTask spGetFailedEmailsForResending "" "" spUpdateFailedEmailsForResending

: This article also applies to the Bay Dynamics AD Connector Job which executes the Active Directory Connector Utility as part of Information Centric Analytics' (ICA) integration with Active Directory. When troubleshooting this error with the Bay Dynamics AD Connector Job, substitute the terms Bay Dynamics AD Connector Proxy for RiskFabric Nightly Processing proxy and Bay Dynamics AD Connector Credential for RiskFabric Nightly Processing credential.


Release : 6.x

Component : RiskFabric Processing


These job steps are executed by the SQL Server Agent using impersonation via the RiskFabric Nightly Processing proxy. The proxy uses the RiskFabric Nightly Processing credential, which runs under an identity that is typically the service account you have designated as the owner of the RiskFabric database. The error described in this article will occur if the service account does not have rights to either access the path or execute the command specified in the job step.


To resolve this error, ensure the RiskFabric Nightly Processing credential's identity account has rights to access the path specified in the failing job step(s), and confirm the path specified is valid.

To determine the account being used as the RiskFabric Nightly Processing credential's identity, follow this procedure:

  1. Open SQL Server Management Studio (SSMS)
  2. Connect to the Database Engine hosting the RiskFabric database
  3. In Object Explorer, navigate to Security > Credentials
  4. Right-click the RiskFabric Nightly Processing credential and select Properties
  5. In the Credential Properties window, note the account specified as the credential's Identity

For SQL Server Agent job steps of type Operating system (CmdExec), command names that contain spaces should be enclosed in quotation marks, with any switches or arguments placed outside the quotation marks:

"<path>\<executable>" <arguments>

For example:

"E:\Program Files\Bay Dynamics\Database Utilities\TaskRunner\TaskRunner.exe" TaskRunner.Tasks.Custom.DBUtilitiesVersionUpdater