Tag Archives: port

Cannot connect to database master 1920x1080

Cannot connect to database master SharePoint 2016

Advertisements
Advertisements

Cannot connect to database master

While running psconfig wizard got error as "Cannot connect to database master at SQL Server at server_name. The database might not exist, or the current user does not have permission to connect to it"

Error:

"Cannot connect to database master at SQL Server at server_name. The database might not exist, or the current user does not have permission to connect to it" 

cannot-connect-to-database-master-at-server_sharepoint2016

Solution:

Open the Windows Firewall with Advanced Services and add an inbound rule to allow traffic over port 1433.

 

Advertisements
Advertisements
Advertisements

Configuring SQL Server client aliases

If you block UDP port 1434 or TCP port 1433 on the computer that is running SQL Server, you must create a SQL Server client alias on all other computers in the server farm. You can use SQL Server client components to create a SQL Server client alias for computers that connect to SQL Server.

To configure a SQL Server client alias

  1. Verify that the user account that is performing this procedure is a member of either the sysadmin or the serveradmin fixed server role.
  2. Run Setup for SQL Server on the target computer, and install the following client components:

Connectivity Components

Management Tools

  1. Open SQL Server Configuration Manager.
  • In the navigation pane, click SQL Native Client Configuration.

  • In the main window under Items, right-click Aliases, and select New Alias.

  • In the Alias – New dialog box, in the Alias Name field, enter a name for the alias. For example, enter SharePoint_alias.

  • In the Port No field, enter the port number for the database instance. For example, enter 40000. Make sure that the protocol is set to TCP/IP.

  • In the Server field, enter the name of the computer that is running SQL Server.

  • Click Apply, and then click OK.

  • Verification: You can test the SQL Server client alias by using SQL Server Management Studio, which is available when you install SQL Server client components.

  • Open SQL Server Management Studio.

  • When you are prompted to enter a server name, enter the name of the alias that you created, and then click Connect. If the connection is successful, SQL Server Management Studio is populated with objects that correspond to the remote database.

  • To check connectivity to additional database instances from SQL Server Management Studio, click Connect, and then click Database Engine.

  • See also :

    Securing SharePoint: Harden SQL Server in SharePoint Environments

    How to: Configure a Windows Firewall for Database Engine Access

    How to: Configure a Server to Listen on a Specific TCP Port (SQL Server Configuration Manager)

    Configuring Windows Firewall to open manually assigned ports

    To access a SQL Server instance through a firewall, you must configure the firewall on the computer that is running SQL Server to allow access. Any ports that you manually assign must be open in Windows Firewall.

    To configure Windows Firewall to open manually assigned ports

    1. Verify that the user account that is performing this procedure is a member of either the sysadmin or the serveradmin fixed server role.
    2. In Control Panel, open System and Security.

    3. Click Windows Firewall, and then click Advanced Settings to open the Windows Firewall with Advanced Security dialog box.

    4. In the navigation pane, click Inbound Rules to display the available options in the Actions pane.

    5. Click New Rule to open the New Inbound Rule Wizard.

    6. Use the wizard to complete the steps that are required to allow access to the port that you defined in  Configure a SQL Server instance to listen on a non-default port.

    Note:

    You can configure the Internet Protocol security (IPsec) to help secure communication to and from your computer that is running SQL Server by configuring the Windows firewall. You do this by selecting Connection Security Rules in the navigation pane of the Windows Firewall with Advanced Security dialog box.

    Blocking default SQL Server listening ports

    Windows Firewall with Advanced Security uses Inbound Rules and Outbound Rules to help secure incoming and outgoing network traffic. Because Windows Firewall blocks all incoming unsolicited network traffic by default, you do not have to explicitly block the default SQL Server listening ports. For more information, see Windows Firewall with Advanced Security and Configuring the Windows Firewall to Allow SQL Server Access.

    Configuring a SQL Server instance to listen on non-default port

    SQL Server provides the ability to reassign the ports that are used by the default instance and any named instances. In SQL Server 2008 R2, and SQL Server 2012, you reassign the TCP port by using SQL Server Configuration Manager. When you change the default ports, you make the environment more secure against hackers who know default assignments and use them to exploit your SharePoint environment.

    To configure a SQL Server instance to listen on a non-default port

    1. Verify that the user account that is performing this procedure is a member of either the sysadmin or the serveradmin fixed server role.
    2. On the computer that is running SQL Server, open SQL Server Configuration Manager.

    3. In the navigation pane, expand SQL Server Network Configuration.

    4. Click the corresponding entry for the instance that you are configuring.

    The default instance is listed as Protocols for MSSQLSERVER. Named instances will appear as Protocols for named_instance.

    1. In the main window in the Protocol Name column, right-click TCP/IP, and then click Properties.
  • Click the IP Addresses tab.

  • For every IP address that is assigned to the computer that is running SQL Server, there is a corresponding entry on this tab. By default, SQL Server listens on all IP addresses that are assigned to the computer.

    1. To globally change the port that the default instance is listening on, follow these steps:

     For each IP address except IPAll, clear all values for both TCP dynamic ports and TCP Port.

     For IPAll, clear the value for TCP dynamic ports. In the TCP Port field, enter the port that you want the instance of SQL Server to listen on. For example, enter 40000.

    1. To globally change the port that a named instance is listening on, follow these steps:

     For each IP address including IPAll, clear all values for TCP dynamic ports. A value of 0 for this field indicates that SQL Server uses a dynamic TCP port for the IP address. A blank entry for this value means that SQL Server will not use a dynamic TCP port for the IP address.

     For each IP address except IPAll, clear all values for TCP Port.

     For IPAll, clear the value for TCP dynamic ports. In the TCP Port field, enter the port that you want the instance of SQL Server to listen on. For example, enter 40000.

    1. Click OK.

    A message indicates that that the change will not take effect until the SQL Server service is restarted. Click OK.

    1. Close SQL Server Configuration Manager.
  • Restart the SQL Server service and confirm that the computer that is running SQL Server is listening on the port that you selected.

  • You can confirm this by looking in the Event Viewer log after you restart the SQL Server service. Look for an information event similar to the following event:

    Event Type:Information

    Event Source:MSSQL$MSSQLSERVER

    Event Category:(2)

    Event ID:26022

    Date:3/6/2008

    Time:1:46:11 PM

    User:N/A

    Computer:computer_name

    Description:

    Server is listening on [ ‘any’ <ipv4>50000]

    1. Verification: Optionally, include steps that users should perform to verify that the operation was successful.

    TCP IP Ports of SharePoint 2013

    Advertisements
    Advertisements

    TCP IP Ports of SharePoint 2013

    Protocol Port Usage Comment
    TCP 80 http Client to SharePoint web server traffic
    (SharePoint – Office Web Apps communication)
    TCP 443 https/ssl Encrypted client to SharePoint web server traffic
    (Encrypted SharePoint – Office Web Apps communication)
    TCP 1433 SQL Server default communication port. May be configured to use custom port for increased security
    UDP 1434 SQL Server default port used to establish connection May be configured to use custom port for increased security
    TCP 445 SQL Server using named pipes When SQL Server is configured to listen for incoming client connections by using named pipes over a NetBIOS session, SQL Server communicates over TCP port 445
    TCP 25 SMTP for e-mail integration Cannot be configured
    TCP 16500-16519 Ports used by the search index component Intra-farm only
    Inbound rule Added to Windows firewall by SharePoint
    TCP 22233-22236 Ports required for the AppFabric Caching Service Distributed Cache…
    TCP 808 Windows Communication Foundation communication WCF
    TCP 32843 Communication between Web servers and service applications http (default) To use custom port, see references section
    Inbound rule Added to Windows firewall by SharePoint
    TCP 32844 Communication between Web servers and service applications https
    Inbound rule Added to Windows firewall by SharePoint
    TCP 32845 net.tcp binding: TCP 32845 (only if a third party has implemented this option for a service application)  Custom Service Applications
    Inbound rule Added to Windows firewall by SharePoint
    TCP 32846 Microsoft SharePoint Foundation User Code Service (for sandbox solutions)  Inbound on all Web Servers
    Inbound rule Added to Windows firewall by SharePoint
    Outbound on all Web and App servers with service enabled.
    TCP 5725 User Profile Synchronization Service(FIM) Synchronizing profiles between SharePoint 2013 and Active Directory Domain Services (AD DS) on the server that runs the Forefront Identity Management agent
    TCP + UDP 389 User Profile Synchronization Service(FIM) LDAP Service
    TCP + UDP 88 User Profile Synchronization Service(FIM) Kerberos
    TCP + UDP 53 User Profile Synchronization Service(FIM) DNS
    UDP 464 User Profile Service(FIM) Kerberos change password
    TCP 809 Office Web Apps Intra-farm Office Web Apps communication.

    Plan security hardening for SharePoint 2013
    http://technet.microsoft.com/en-us/library/cc262849.aspx

    Configure SQL Server security for SharePoint 2013 environments
    http://technet.microsoft.com/en-us/library/ff607733.aspx#proc1

    Blocking the standard SQL Server ports
    http://technet.microsoft.com/en-us/library/cc262849.aspx#BlockingSQL

    Service application communication
    http://technet.microsoft.com/en-us/library/cc262849.aspx#ServiceApp

    User Profile service hardening requirements
    http://technet.microsoft.com/en-us/library/cc262849.aspx#UserProfile

    Set-SPServiceHostConfig
    http://technet.microsoft.com/en-us/library/ff607922.aspx

    Get-SPServiceHostConfig
    http://technet.microsoft.com/en-us/library/ff607794.aspx

    TCP/IP Communications (Windows Server AppFabric Caching)
    http://msdn.microsoft.com/en-us/library/ee790914(v=azure.10).aspx

    Advertisements
    Advertisements