This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Password Verification: Enter administrator password", "Database [253] Access Denied"

Go to answer
Matti_Pellinen1
Confirmed Champ
Confirmed Champ

‎09-03-2015 03:59 AM

I have deployed a number of Thick Clients to different workstations. Some of these clients ask: "Password Verification: Enter administrator password", and give the error "Database [253] Access Denied" after logging into the OnBase using ODBC. Some installations work just fine, they have their workstation name registered as login when the installation was done manually. Now when the client is deployed automatically, workstations are not added into the users-list in the SQL DB, and seems not to work. This is just my theory, but how can I fix this and the deployment? I have not altered HSI's rights in config or in DB. However, deployed application is different: it's just a shortcut to the .exe whereas all client files were put into the workstation when installed manually.

Labels:
0 Kudos
1 ACCEPTED ANSWER

Go to answer
Scott_McLean
Elite Collaborator
Elite Collaborator

‎09-04-2015 05:07 AM

Hi Matti,

There is an alternative.

In OnBase Configuration, under Users > Global Client Settings, on the Security tab, you can check the box labeled "Disable workstation account creation."

When this is checked, the HSI account is used for SQL Server logon instead of workstation-specific logons.

Per the System Administration MRG:

When this option is selected, the hsi user will not be able to create workstation accounts.
Instead, the hsi account itself will be used to log in to the database.

I've never used this option personally, but I think it may address your need.

One caveat: I am not sure if HSI requires the SecurityAdmin role for anything else, but since the documentation states that it is a requirement, for a long-term solution, I would suggest migrating the OnBase database to a separate instance, where HSI can be given the required roles.

Kind regards,

-Scott

View answer in original post

0 Kudos
7 REPLIES 7

Go to answer
Chris_Arpajian
Confirmed Champ
Confirmed Champ

‎09-03-2015 04:11 AM

Hi Matti,

While I would recommend contacting your first line of support, here are some questions which may help narrow down your issue:

On an impacted machine, can you navigate directly to the obclnt32.exe and launch it, select your ODBC and login without issue?

Are there any Command Line Switches you've added to the shortcut you are pushing out automatically which other machines do not have?

I assume when this issue is happening, the other machines previously deployed can still login without issue?

Have you checked the ODBC connection you've deployed to ensure you're hitting your same DB Server, Instance and DB as the working machines?

0 Kudos

Go to answer
Matti_Pellinen1
Confirmed Champ
Confirmed Champ
In response to Chris_Arpajian

‎09-03-2015 05:23 AM

No, the error comes even if I launch obclnt32.ee directly.
No, there are no additional switches in the shortcat.
Yes, the other machines can login without issue.
Yes, the ODBC is identical.
I think this must be related to the workstation logins in the DB, if I only could verify this. And if I can, it's not the solution yet... 😞
0 Kudos

Go to answer
Scott_McLean
Elite Collaborator
Elite Collaborator

‎09-03-2015 05:35 AM

Try adding the securityadmin role to the HSI login on SQL server.

This is the role used to automatically add the workstation logins on SQL server.

Per the database reference guide:

The minimum permission required for the HSI server login is the securityadmin role. If the HSI login is not assigned this role, and if the sa password is not blank or the same as the HSI default password, then a user logging on to OnBase from a workstation for the first time will receive the message "Enter Administrator Password"

0 Kudos

Go to answer
Matti_Pellinen1
Confirmed Champ
Confirmed Champ
In response to Scott_McLean

‎09-04-2015 02:52 AM

This is indeed the reason to our problem. But originally, we migrated our OnBaseDB from SQL2005 to SQL2012 server, and at that point the securityadmin role had to be taken away since there are other databases in the server as well. Our DB Admin didn't quess the results but says if he had known this he would have installed OnBase DB into it's own SQL Server instance.
Now we are in limbo: for security reasons we can't add securityadmin role to the HSI user, and it's not able to create workstation users. I could create workstation users manually, before their deployment, but I don't know which password to give them, it's hidden in OnBase dll-files or somewhere. Any workarounds?
0 Kudos
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC