WebUI initializing error with SQL encryption

We are setting up a new installation of BigFix and having problems with WebUI. When SQL force encryption was on at the beginning of the installation, WebUI was stuck at initializing. I found the WebUI datasync.log file and it only had two lines, for beginning and initializing:
Mon, 22 Oct 2018 14:18:38 GMT bf:datasync:initialize:debug Beginning initialization at 2018-10-22T10:18:38-04:00
Mon, 22 Oct 2018 14:18:38 GMT bf:datasync:initialize:debug Initiating Cache Refresh with TTL : 600 sec

I found in another thread that when SQL encryption is turned on, _WebUIAppEnv_MSSQL_CXN_ENCRYPT should be set to 1 for the WebUI server. This did not help WebUI being stuck at initializing, so I turned off the force encryption in SQL Configuration Manager and the installation started working.

The installation is BigFix 9.5.9 on Windows Server 2016 with SQL Server 2016 Enterprise SP2. The SQL installation is local on the BigFix root server, with WebUI on a separate Server 2016 machine.

After turning the SQL encryption on again, WebUI is stuck at initializing but now with errors in the datasync.log:
Mon, 22 Oct 2018 14:18:38 GMT bf:datasync:initialize:debug Beginning initialization at 2018-10-22T10:18:38-04:00
Mon, 22 Oct 2018 14:18:38 GMT bf:datasync:initialize:debug Initiating Cache Refresh with TTL : 600 sec
Mon, 22 Oct 2018 14:18:44 GMT bf:database:error Unable to establish a database connection, please ensure database configuration has been deployed correctly.
Failed with error: Login failed.
Mon, 22 Oct 2018 14:18:44 GMT bf:datasync:reset:error Error in reset ConnectionError: Login failed.

Am I correct that WebUI will be trying to use SQL port 1433 regardless of the encryption setting? If so, it seems the local firewall is not an issue since WebUI worked with encryption turned off. Is there another WebUI setting I may need for having SQL encryption turned on?
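A triage sketch for the two datasync.log states described in the post above, added here as an example; it is not code from the thread or from BigFix. The function names and state labels are assumptions, and the sample input is the log lines quoted in the post.

```javascript
// Sample input: the datasync.log lines quoted in the post above.
const STALLED_LOG = [
  "Mon, 22 Oct 2018 14:18:38 GMT bf:datasync:initialize:debug Beginning initialization at 2018-10-22T10:18:38-04:00",
  "Mon, 22 Oct 2018 14:18:38 GMT bf:datasync:initialize:debug Initiating Cache Refresh with TTL : 600 sec",
].join("\n");
const LOGIN_FAILED_LOG = [
  STALLED_LOG,
  "Mon, 22 Oct 2018 14:18:44 GMT bf:database:error Unable to establish a database connection, please ensure database configuration has been deployed correctly.",
  "Failed with error: Login failed.",
  "Mon, 22 Oct 2018 14:18:44 GMT bf:datasync:reset:error Error in reset ConnectionError: Login failed.",
].join("\n");

// A record is "<RFC 1123 date> GMT <colon-separated namespace> <message>".
const RECORD = /^(\w{3}, \d{2} \w{3} \d{4} \d{2}:\d{2}:\d{2} GMT) (bf:[\w:]+) (.*)$/;

function parseDatasyncLog(text) {
  const records = [];
  for (const line of text.split(/\r?\n/)) {
    if (!line.trim()) continue;
    const m = RECORD.exec(line);
    if (m) {
      records.push({ time: new Date(m[1]), namespace: m[2], message: m[3] });
    } else if (records.length > 0) {
      // No timestamp ("Failed with error: ..."): continuation of the previous record.
      records[records.length - 1].message += "\n" + line.trim();
    }
  }
  return records;
}

// Classify the most recent initialization attempt (state labels are assumptions).
function diagnose(records) {
  let start = -1;
  records.forEach((r, i) => {
    if (r.message.startsWith("Beginning initialization")) start = i;
  });
  if (start < 0) return "no-initialization-seen";
  const attempt = records.slice(start);
  const errors = attempt.filter((r) => r.namespace.endsWith(":error"));
  if (errors.some((r) => r.message.includes("Login failed"))) return "db-login-failed";
  if (errors.length > 0) return "other-error";
  const last = attempt[attempt.length - 1];
  return last.message.startsWith("Initiating Cache Refresh")
    ? "stalled-after-cache-refresh"
    : "no-error-logged";
}

console.log(diagnose(parseDatasyncLog(STALLED_LOG)));
console.log(diagnose(parseDatasyncLog(LOGIN_FAILED_LOG)));
```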

Is your SQL install using a named instance or the default instance? SQL authentication or NT authentication?

It is a default instance using NT authentication.

Hmm, it should work then. Are you sure you set the WebUI setting correctly? It should be under the usual client settings location of the registry, with a String Value named “value” set to 1. And then the BES WebUI service should be restarted to pick it up.

I located the setting in the registry on the WebUI server. I also exported the specific key and this is what it looks like in Notepad:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BigFix\EnterpriseClient\Settings\Client\_WebUIAppEnv_MSSQL_CXN_ENCRYPT]
"value"="1"
"effective date"="Mon, 22 Oct 2018 10:09:44 -0400"

I have a case open now with IBM; once we determine the problem I will update this thread for others’ benefit. Thanks.

Just to keep this one up to date:

We got Jeff up and running with local SQL user accounts and we discovered a bug with the current version of node-mssql with MSSQL in Force Encrypt + Using a Domain Account.

Gritty details: It’s possible that an upgrade of node-mssql might fix it, and it’s possible that there might be a bug in node-mssql that might be the root cause: https://github.com/tediousjs/node-mssql/issues/664. It’s also possible for us to just not use node-mssql and use tedious directly to get this working (we proved that out in our lab). Either way, it’s gonna take some dev time to get through this one.

Let us know if a lot of people are running into this one here on the forums so we’ll prioritize this higher! When we have this fixed we’ll post back on the forums!


I would be interested in this one! I believe I may have run into a very similar/same issue. We had a named instance + Domain Account + Encryption, which all seem to be supported, but just not at the same time. Changing to a SQL Account resolved our issue. I’ll keep an eye out for when a decision is made so I can test this out again.

Ok cool, no timeline on this, but this is on the radar and we should be able to work on this soon. Thanks for the poke @itsontheb.

Just wanted to add I had the same exact issue as Jeff with a new install. I’m using a SQL account with forced encryption until a fix comes out.