1 2 3 Previous Next 35 Replies Latest reply on May 2, 2018 11:03 AM by florian1

    HEAT UAT Database Issue

    Dan_Mills Apprentice

      Hi all,


      We're having an issue at the moment following a Database refresh on our UAT environment.

       

      We have a call outstanding but I thought I'd ask the forum to see if anyone else has had the same issue.

       

      Steps taken:

      • Back up taken of Prod Application Database and restored into the STG environment successfully.
      • Back up then taken of STG to remove email listener settings and restored to the UAT app database
      • Log on unavailable in UAT DB – error message is ‘Access Denied’. DB can be seen by the server as it is presenting the log on screen
      • Prod back up then restored to UAT including email listener being on – the email service on UAT server has been disabled to stop the application looking in the Prod mailbox and logging calls in UAT incorrectly
      • Same issue with log on applies to UAT with refresh straight from Prod
      • All server application services and ISS Services have been restarted on UAT server after all DB restores
      • Another Prod backup was taken at a later date than that of the one restored into STG and put straight into UAT – same issue with log on applies
      • A back up of the UAT DB was taken one calendar week before the refresh that has worked in STG and not in UAT. This back up that is solely of the UAT DB can be restored to make the UAT application work, however this does not contain the relevant data or config settings that are applied in the Prod or STG
      • Local Admin account also fails to log onto Application – even running script on the DB to set the password to a generic log on does not allow access
      • All user accounts do not have access

       

      Does anyone happen to know the specific tables in the DB that store the user accounts or log ons etc. as we might be able to strip these out of the working old version of UAT and into the new one as a trial.

       

      Any help or advice would be appreciated.

       

      Many thanks

      Dan

        • 1. Re: HEAT UAT Database Issue
          AnthonyDowns Specialist

          Are any errors showing up in the logs? On the app server you should have a C:\logs\AppServer.frslog, this should catch the error when you get access denied and in that log you can search for the user name and see what may be happening. This was just a bad password example.

           

          • 2. Re: HEAT UAT Database Issue
            Dan_Mills Apprentice

            Hi Anthony,

             

            We've found the logs however it doesn't look like anything has been written to it since last September, which is when we performed the upgrade:

             

            Thanks
            Dan

            • 3. Re: HEAT UAT Database Issue
              AnthonyDowns Specialist

              Hmm, that is odd. Do you have logging enabled for the app server? You could check this on your production server since you restored from that.

               

              Are all three environments on the same release? Like 2017.2.1

              Can you push between tenants through the OPS console? To see if the same login problems happen.

              • 4. Re: HEAT UAT Database Issue
                AnthonyDowns Specialist

                There are three tables that make up the Employee BO. In the DB, the Employee BO is under views "Employee".

                 

                Here are the tables:

                Frs_CompositeBase_Employee

                Frs_CompositeContract_Identity

                Frs_CompositeContract_Contact

                • 5. Re: HEAT UAT Database Issue
                  Dan_Mills Apprentice

                  Hi Anthony,

                   

                  Yes the App server is switched on:

                   

                   

                  The environments are all on the same version 2017.1.1. We don't have the configuration set up to push the DB restores through the Ops console unfortunately. We only use the ops console for package pushes.

                   

                  We've now tried deleting the above tables in the UAT DB and re-pushing from Testing and it still hasn't worked.

                   

                  One of our Technical team has suggested maybe it's an API issue but we are still unsure.

                   

                  Thanks
                  Dan

                  • 6. Re: HEAT UAT Database Issue
                    AnthonyDowns Specialist

                    I'm at a lost here without some kind of error message.

                     

                    Before we started using the OPS console we restored numerous times between tenants without any issue like this. Next, I would suggest would be restarting services after the restore but you covered that. The only other thing I could think of that throws "Access Denied" is admin not having a role or it is disabled.

                     

                    Looking at your previous SS, it looks like nothing was written to the Logs folder since September. Do you know if the logging location was changed? You can check it in the system config wizard.

                    • 7. Re: HEAT UAT Database Issue
                      katherinec Apprentice

                      Are there any prompts to fix the API key when you go into Ops Console > System Status for your UAT tenant perhaps? 

                      • 8. Re: HEAT UAT Database Issue
                        Dan_Mills Apprentice

                        Hi both

                         

                        Katherine - We are looking into that now so will report back. Thanks for the suggestion!

                         

                        Anthony - We've found the logs... See below:

                         

                        HEAT.png

                         

                        Any further thoughts?

                         

                        Thanks
                        Dan

                        • 9. Re: HEAT UAT Database Issue
                          katherinec Apprentice

                          I've had 'wrong session key format' recently and just needed to run through the configuration wizard all the way to the end on my test app server. Do you have a shared server for  UAT/STG?

                          • 10. Re: HEAT UAT Database Issue
                            Dan_Mills Apprentice

                            Hi Katherine

                             

                            We've run the config wizard and it's not made any difference unfortunately, and both the UAT/STG are on different servers.

                             

                            Dan

                            • 11. Re: HEAT UAT Database Issue
                              DrizztLU Apprentice

                              Hi Dan,

                               

                              If I understood everything, after several db restore, STG, and UAT doesn't allow you to connect the system with an access denied message.

                               

                              Access Denied only indicates the account is not allowed to connect rather than the system being down.

                              You should be able to see login failure on the Logs table (SubSystemId = ASUserAuthentication)

                               

                              On my installation, any non-administrator of the system gets disabled once the STG and UAT are restored.

                              You'll have to uncheck Disabled, and maybe re-check Enable internal/external auth, this can be achieved by an update on the Employee view (it should work) or its children (frs_compositecontract_identity, frs_compositecontract_contact, frs_compositebase_employee)

                               

                               

                              EDIT:

                              An important thing to check: Can you please show us the console of your browser by pressing F12 on chrome for example?      EDIT 2: (When you get the access denied)

                              If it shows a jstz.min.js error, you have to open this specific file in another tab, then Ctrl+F5 the login page and login again.

                               

                               

                              Dylan

                              • 12. Re: HEAT UAT Database Issue
                                Dan_Mills Apprentice

                                Hi Dylan

                                 

                                Thanks for the above.

                                 

                                Our STG environment works absolutely fine, it's just our UAT that we can't connect too.

                                 

                                 

                                We're not sure where the Log (SubSystemId = ASUserAuthentication) is - it doesn't seem to be with the others.

                                 

                                 

                                In relation to the other tables, the ones in the UAT DB are the same as Production and Staging, both of which are working correctly

                                 

                                The Console doesn't have any information in it:

                                 

                                 

                                As you can see from the logon page - there is no error message, just Access Denied.

                                 

                                 

                                I hope this gives you enough information that might potentially help!

                                 

                                katherinec we ran the API fix on STG however this has not fixed the issue at all.

                                 

                                Thanks all, look forward to the next steps!

                                 

                                Dan

                                • 13. Re: HEAT UAT Database Issue
                                  katherinec Apprentice

                                  Do you use external or internal authentication? Do you get a response from a forgotten password request?

                                   

                                  If you query these fields directly from the Employee View for your own loginid are the values as expected? disabled, isexternalauth, isinternalauth, loginid, networkusername, Status

                                   

                                  PS for the failure straight from the logs table: 

                                   

                                  Select * from logs where SubSystemId = 'ASUserAuthentication'

                                  • 14. Re: HEAT UAT Database Issue
                                    Dan_Mills Apprentice

                                    Hi Katherine

                                     

                                    We use external authentication, and no we do not get a response.

                                     

                                    The fields are identical in Staging and Production to UAT so we do not believe this to be the issue.

                                     

                                    DrizztLU we've found the ASUserAuthentication logs. I've attached below (this is just for today).

                                     

                                    Can you both take a look?

                                     

                                                 

                                    LogTimeLogDBTimeMessageExceptionClientIPAddressSubSystemIdTenantIdSessionIdRawLogErrorCodeLogSeverityObjectIdThreadNameServiceNameCurrentRoleOfUserLoginIdComponentNameReadOnlyTargetSite
                                    2018-04-24 09:04:34.24718-04-24 09:05Initial request processing. No attributes required for provisioning are specified (Email, First Name, Last Name).No attributes required for provisioning are specified (Email, First Name, Last Name)System.InvalidOperationException: No attributes required for provisioning are specified (Email, First Name, Last Name)   at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.ProcessAuthAssertion(TAssertion assertion, TResponseType authResponse, TSsoProviderInfo providerInfo)   at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.ProcessSuccessfulAuthResponse(TResponseType authResponse, SsoLoginParameters p, HttpContext context)   at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.ProcessAuthResponse(HttpContext context) ASUserAuthenticationheatUAT    at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.ProcessAuthAssertion(TAssertion assertion, TResponseType authResponse, TSsoProviderInfo providerInfo)     at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.ProcessSuccessfulAuthResponse(TResponseType authResponse, SsoLoginParameters p, HttpContext context)     at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.ProcessAuthResponse(HttpContext context)InvalidOperationExceptionERRORNULL15AppServer NULLNULLHEAT.Authentication.Sso.Base.HeatUserLookupResult ProcessAuthAssertion(TAssertion, TResponseType, TSsoProviderInfo)
                                    2018-04-24 09:04:34.24718-04-24 09:05Authentication failed.. Unexpected error. ASUserAuthenticationheatUAT    at DataLayer.Security.Sso.SsoErrorLog.Error(String appId, String message, Exception ex)     at HEAT.Authentication.Sso.Logging.SsoErrorLogImpl.Log(SsoLogEntry logEntry)     at HEAT.Authentication.Sso.Logging.SsoErrorLoggerExtensions.LogError(ISsoLogger logger, Exception ex, String action, String detailFormat, String[] args)     at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.RedirectToDestination(Boolean isDebug, String loginUrl, HeatAuthStatus authStatus, String externalLoginId, String ssoProviderName, HttpContext context)     at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.ProcessAuthResponse(HttpContext context)     at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()     at System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)     at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)     at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)     at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)     at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)     at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)     at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)  Unknown error code from: SsoErrorLogImpl.LogERRORNULL15AppServer NULLNULLVoid Error(System.String, System.String, System.Exception)
                                    2018-04-24 09:04:34.32718-04-24 09:05System.Web.Services.Protocols.SoapException: Access denied.   at CentralConfig.ConfigServiceAPI.AuthenticateAPIWithBuildVersion(String userName, String tenantId, String buildVersion) ASUserAuthenticationheatUAT    at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)     at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)     at SaaS.WebUI.ConfigServiceAPI.ConfigServiceAPI.AuthenticateAPIWithBuildVersion(String userName, String tenantId, String buildVersion)     at SaaS.WebUI.Management.FarmServer.AuthenticateAPI(String appId, Boolean checkDbVersion)     at SaaS.WebUI.Management.ManagementInstance.AuthenticateAPI(String appId, Boolean checkDBVersion)     at SaaS.WebUI.MVC.ViewModels.LoginTmpViewModel.get_SessionContext()     at SaaS.WebUI.MVC.ViewModels.LoginTmpViewModel.get_LoginBranding()     at SaaS.WebUI.MVC.ViewModels.LoginTmpViewModel.get_TemplatePath()     at ASP._Page_MVC_Views_Account_Login_cshtml.Execute() in d:\Program Files\FrontRange Solutions\HEAT\AppServer\MVC\Views\Account\Login.cshtml:line 5     at System.Web.WebPages.WebPageBase.ExecutePageHierarchy()     at System.Web.Mvc.WebViewPage.ExecutePageHierarchy()     at System.Web.WebPages.WebPageBase.ExecutePageHierarchy(WebPageContext pageContext, TextWriter writer, WebPageRenderingBase startPage)     at System.Web.Mvc.ViewResultBase.ExecuteResult(ControllerContext context)     at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilterRecursive(IList`1 filters, Int32 filterIndex, ResultExecutingContext preContext, ControllerContext controllerContext, ActionResult actionResult)     at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilterRecursive(IList`1 filters, Int32 filterIndex, ResultExecutingContext preContext, ControllerContext controllerContext, ActionResult actionResult)     at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilterRecursive(IList`1 filters, Int32 filterIndex, ResultExecutingContext preContext, ControllerContext controllerContext, ActionResult actionResult)     at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilterRecursive(IList`1 filters, Int32 filterIndex, ResultExecutingContext preContext, ControllerContext controllerContext, ActionResult actionResult)     at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilterRecursive(IList`1 filters, Int32 filterIndex, ResultExecutingContext preContext, ControllerContext controllerContext, ActionResult actionResult)     at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultWithFilters(ControllerContext controllerContext, IList`1 filters, ActionResult actionResult)     at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass21.<BeginInvokeAction>b__1e(IAsyncResult asyncResult)LoginErrorERRORNULL17AppServer NULLNULLSystem.Object[] ReadResponse(System.Web.Services.Protocols.SoapClientMessage, System.Net.WebResponse, System.IO.Stream, Boolean)
                                    2018-04-24 09:39:49.85318-04-24 10:01Initial request processing. No attributes required for provisioning are specified (Email, First Name, Last Name).No attributes required for provisioning are specified (Email, First Name, Last Name)System.InvalidOperationException: No attributes required for provisioning are specified (Email, First Name, Last Name)   at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.ProcessAuthAssertion(TAssertion assertion, TResponseType authResponse, TSsoProviderInfo providerInfo)   at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.ProcessSuccessfulAuthResponse(TResponseType authResponse, SsoLoginParameters p, HttpContext context)   at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.ProcessAuthResponse(HttpContext context) ASUserAuthenticationheatUAT    at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.ProcessAuthAssertion(TAssertion assertion, TResponseType authResponse, TSsoProviderInfo providerInfo)     at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.ProcessSuccessfulAuthResponse(TResponseType authResponse, SsoLoginParameters p, HttpContext context)     at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.ProcessAuthResponse(HttpContext context)InvalidOperationExceptionERRORNULL13AppServer NULLNULLHEAT.Authentication.Sso.Base.HeatUserLookupResult ProcessAuthAssertion(TAssertion, TResponseType, TSsoProviderInfo)
                                    2018-04-24 09:39:49.85318-04-24 10:01Authentication failed.. Unexpected error. ASUserAuthenticationheatUAT    at DataLayer.Security.Sso.SsoErrorLog.Error(String appId, String message, Exception ex)     at HEAT.Authentication.Sso.Logging.SsoErrorLogImpl.Log(SsoLogEntry logEntry)     at HEAT.Authentication.Sso.Logging.SsoErrorLoggerExtensions.LogError(ISsoLogger logger, Exception ex, String action, String detailFormat, String[] args)     at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.RedirectToDestination(Boolean isDebug, String loginUrl, HeatAuthStatus authStatus, String externalLoginId, String ssoProviderName, HttpContext context)     at HEAT.Authentication.Sso.Base.BaseAuthenticationResultHandler`3.ProcessAuthResponse(HttpContext context)     at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()     at System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)     at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)     at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)     at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)     at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)     at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)     at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)     at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)  Unknown error code from: SsoErrorLogImpl.LogERRORNULL13AppServer NULLNULLVoid Error(System.String, System.String, System.Exception)
                                    2018-04-24 09:39:49.88318-04-24 10:01System.Web.Services.Protocols.SoapException: Access denied.   at CentralConfig.ConfigServiceAPI.AuthenticateAPIWithBuildVersion(String userName, String tenantId, String buildVersion) ASUserAuthenticationheatUAT    at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)     at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)     at SaaS.WebUI.ConfigServiceAPI.ConfigServiceAPI.AuthenticateAPIWithBuildVersion(String userName, String tenantId, String buildVersion)     at SaaS.WebUI.Management.FarmServer.AuthenticateAPI(String appId, Boolean checkDbVersion)     at SaaS.WebUI.Management.ManagementInstance.AuthenticateAPI(String appId, Boolean checkDBVersion)     at SaaS.WebUI.MVC.ViewModels.LoginTmpViewModel.get_SessionContext()     at SaaS.WebUI.MVC.ViewModels.LoginTmpViewModel.get_LoginBranding()     at SaaS.WebUI.MVC.ViewModels.LoginTmpViewModel.get_TemplatePath()     at ASP._Page_MVC_Views_Account_Login_cshtml.Execute() in d:\Program Files\FrontRange Solutions\HEAT\AppServer\MVC\Views\Account\Login.cshtml:line 5     at System.Web.WebPages.WebPageBase.ExecutePageHierarchy()     at System.Web.Mvc.WebViewPage.ExecutePageHierarchy()     at System.Web.WebPages.WebPageBase.ExecutePageHierarchy(WebPageContext pageContext, TextWriter writer, WebPageRenderingBase startPage)     at System.Web.Mvc.ViewResultBase.ExecuteResult(ControllerContext context)     at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilterRecursive(IList`1 filters, Int32 filterIndex, ResultExecutingContext preContext, ControllerContext controllerContext, ActionResult actionResult)     at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilterRecursive(IList`1 filters, Int32 filterIndex, ResultExecutingContext preContext, ControllerContext controllerContext, ActionResult actionResult)     at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilterRecursive(IList`1 filters, Int32 filterIndex, ResultExecutingContext preContext, ControllerContext controllerContext, ActionResult actionResult)     at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilterRecursive(IList`1 filters, Int32 filterIndex, ResultExecutingContext preContext, ControllerContext controllerContext, ActionResult actionResult)     at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilterRecursive(IList`1 filters, Int32 filterIndex, ResultExecutingContext preContext, ControllerContext controllerContext, ActionResult actionResult)     at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultWithFilters(ControllerContext controllerContext, IList`1 filters, ActionResult actionResult)     at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass21.<BeginInvokeAction>b__1e(IAsyncResult asyncResult)LoginErrorERRORNULL18AppServer NULLNULLSystem.Object[] ReadResponse(System.Web.Services.Protocols.SoapClientMessage, System.Net.WebResponse, System.IO.Stream, Boolean)

                                                 

                                    Thanks
                                    Dan

                                    1 2 3 Previous Next