| Author |
Topic |
|
mattt
Posting Yak Master
194 Posts |
 Posted - 2011-01-05 : 08:46:53
|
| Hi,I'm trying to set up mirroring between two sql 2008 databases on different servers in my internal network, as a test run before doing the same thing with two live servers in different locations.When I actually try and switch the mirroring on the target DB (with ALTER DATABASE testdb SET PARTNER = N'TCP://myNetworkAddress:5022') I'm getting an error telling me that the server network address can not be reached or does not exist. A little research suggests this is a fairly unhelpful message that pops up due to a number of possible causes, some of which are not directly related to the server existing or otherwise.So far I've checked and tried the following to solve this problem:* On the target server, I've verified that in SQL Configuration Manager that "Protocols for SQLEXPRESS" (my local installation is labelled SQLEXPRESS for some reason, even though querying SERVERPROPERTY('Edition') reveals that it's 64-bit Enterprise), and Client Protocols for SQL Native Client 10 all have TCP/IP enabled* I'm using a utility program called CurrPorts to verify that there is a TCP/IP port with the same number specified by the mirroring setup (5022) is open and listening on my machine. Netstat verifies that both machines are listening on this port.* I've run SELECT type_desc, port FROM sys.tcp_endpoints; andSELECT state_desc, role FROM sys.database_mirroring_endpoints to ensure that everything is set up as it should be. The only thing that confused me was the "role" returns 1 .. not entirely sure what that means.* I've tried to prepare the DB correctly. I've taken backups of the database and the log file from the master DB and restored them on the target database with NORESTORE. I've tried turning mirroring on both while leaving them in the NORESTORE state and running an empty RESTORE ... neither seems to make much difference. Just as a test I also tried to mirror an inactive, nearly empty database that I created but that didn't work either.* I've verified that neither server is behind a firewall (they're both on the same network, although on different machines)I've no idea where to turn next. I've seen these two troubleshooting help pages:http://msdn.microsoft.com/en-us/library/ms189127.aspxhttp://msdn.microsoft.com/en-us/library/aa337361.aspxAnd as far as I can tell I've run through all the points to no avail.One other thing I'm unsure of is the service accounts box in the wizard. For both databases I've been putting in our high-level access account name which should have full admin permissions on the database - I assumed this was the right thing to do.I'm not sure where to turn next to try and troubleshoot this problem. Suggestions gratefully received.Cheers,Matt |
|
|
dataguru1971
Master Smack Fu Yak Hacker
1464 Posts |
Posted - 2011-01-05 : 09:03:55
|
Both boxes should be using the exact same service account. This should be a windows/domain account created identically on both machines.Review the Account setup guidelines.... http://msdn.microsoft.com/en-us/library/ms365599.aspx Double check that you have created the endpoints correctly. On the machine intended to be the principal, give the mirroring wizard a shot..it may show you what you are missing.
Poor planning on your part does not constitute an emergency on my part. |
 |
|
|
Lumbago
Norsk Yak Master
3271 Posts |
Posted - 2011-01-05 : 09:13:54
|
quote:
Both boxes should be using the exact same service account. This should be a windows/domain account created identically on both machines.
Although this is helpful it is not a requirement. Here is a script for setting up mirroring on the PRINCIPAL server using certificates:--> This is the setup of the PRINCIPAL (master) in a mirroring environmentUSE masterGOCREATE MASTER KEY ENCRYPTION BY PASSWORD = 'password';GO--> Create a name not using "master" or "principal", remember: the roles can -- switch but the certificates remain the same. CREATE CERTIFICATE SQLSrv1_mirroring_cert WITH SUBJECT = 'SQLSrv1 certificate', START_DATE = '2009-01-01 00:00:00', EXPIRY_DATE = '2030-01-01 00:00:00'GOCREATE ENDPOINT Mirroring_Endpoint STATE = STARTED AS TCP ( LISTENER_PORT = 7024, LISTENER_IP = ALL ) FOR DATABASE_MIRRORING ( AUTHENTICATION = CERTIFICATE SQLSrv1_mirroring_cert, ENCRYPTION = REQUIRED ALGORITHM AES, ROLE = ALL )GO--> Backup certificate and transfer to SQLSrv2BACKUP CERTIFICATE SQLSrv1_mirroring_cert TO FILE = 'C:\SQLSrv1_mirroring_cert.cer';GO--> Create a login for the other server processCREATE LOGIN SQLSrv2_mirroring_login WITH PASSWORD = 'password';GO--> Create a user for the new login CREATE USER SQLSrv2_mirroring_user FOR LOGIN SQLSrv2_mirroring_login;GO--> Associate the certificate with the user.CREATE CERTIFICATE SQLSrv2_cert AUTHORIZATION SQLSrv2_mirroring_user FROM FILE = 'C:\SQLSrv2_mirroring_cert.cer'GO--> Grant the user access to the endpoint GRANT CONNECT ON ENDPOINT::Mirroring_Endpoint TO [SQLSrv2_mirroring_login]GO--> Create a FULL BACKUP of each database to be mirroredBACKUP DATABASE mojo TO DISK = 'D:\SQLbackup\mojo_20090211.bak'--> Restore these databases to the MIRROR using NORECOVERY--> Set up partnering between the mirror and the principal (use a fully qualified name or an IP address)--> Set up partnering between the principal and the mirror (use a fully qualified name or an IP address)ALTER DATABASE mojo SET PARTNER ='tcp://sqlsrv2:7024'GO - LumbagoMy blog (yes, I have a blog now! just not that much content yet) -> www.thefirstsql.com |
|
|
|
Lumbago
Norsk Yak Master
3271 Posts |
Posted - 2011-01-05 : 09:14:34
|
And here is the corresponding script to set up the MIRROR:--> This is the setup of the MIRROR (slave) in a mirroring environmentUSE masterGO--> Make sure a master key is set CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'password';GO--> CREATE CERTIFICATE SQLSrv2_mirroring_cert WITH SUBJECT = 'SQLSrv2 certificate', START_DATE = '2009-01-01 00:00:00', EXPIRY_DATE = '2030-01-01 00:00:00'GOCREATE ENDPOINT Mirroring_Endpoint STATE = STARTED AS TCP ( LISTENER_PORT = 7024, LISTENER_IP = ALL ) FOR DATABASE_MIRRORING ( AUTHENTICATION = CERTIFICATE SQLSrv2_mirroring_cert, ENCRYPTION = REQUIRED ALGORITHM AES, ROLE = ALL )GO--> Backup certificate and transfer to SQLSrv1BACKUP CERTIFICATE SQLSrv2_mirroring_cert TO FILE = 'C:\SQLSrv2_mirroring_cert.cer';GO--> Create a login for the other server processCREATE LOGIN SQLSrv1_mirroring_login WITH PASSWORD = 'password'GO--> Create a user for the new login CREATE USER SQLSrv1_mirroring_user FOR LOGIN SQLSrv1_mirroring_login;GO--> Associate the certificate with the user.CREATE CERTIFICATE SQLSrv1_mirroring_cert AUTHORIZATION SQLSrv1_mirroring_user FROM FILE = 'C:\SQLSrv1_mirroring_cert.cer'GO--> Grant the user access to the endpoint GRANT CONNECT ON ENDPOINT::Mirroring_Endpoint TO [SQLSrv1_mirroring_login]GO--> Copy a backup of the database(s) to be mirrored--> Restore them using NORECOVERYRESTORE DATABASE mojo FROM DISK='d:\SQLBackups\mojo_20090211.bak' WITH NORECOVERYGO--> Set up partnering between the mirror and the principal (use a fully qualified name or an IP address)ALTER DATABASE mojo SET PARTNER ='tcp://sqlsrv1:7024'GO - LumbagoMy blog (yes, I have a blog now! just not that much content yet) -> www.thefirstsql.com |
|
|
|
mattt
Posting Yak Master
194 Posts |
Posted - 2011-01-05 : 09:27:20
|
| Thanks for those scripts. I've tried running them, and they failed on the backup certificate steps. If I understand correct this is supposed to copy the cert across to the other server in the pair, right? So I'll need to change the path to include some sort of network address.However .. assuming this step does what it says and is just a backup ... it still gives me the same error when I try and set up the partner DB. |
|
|
|
mattt
Posting Yak Master
194 Posts |
Posted - 2011-01-05 : 09:33:40
|
| Checking the log, I'm seeing the following errors ..Database mirroring connection error 5 'Connection handshake failed. The certificate used by the peer is invalid due to the following reason: Certificate not found.Database Mirroring login attempt failed with error: 'Connection handshake failed. The certificate used by the peer is invalid due to the following reason: Certificate not found. State 89 |
|
|
|
mattt
Posting Yak Master
194 Posts |
Posted - 2011-01-05 : 10:01:09
|
| Wow thanks! I got it working by manually copying the certificates around. That's a huge help, thanks. I now need to test it. My slave DB says it's mirroring and can't be opened, so how can I test that it's receiving updates from the masterDB as expected? |
|
|
|
Lumbago
Norsk Yak Master
3271 Posts |
Posted - 2011-01-05 : 10:01:10
|
| Both servers need to have the others certificate, and the script will handle that as long as you do the copy operation manually (just copy the files using windows explorer or something). And each individual sql statement needs to be run by itself, you can't just copy the script in to SSMS and press F5. They need to be performed in order...you will for example need to create and take a backup of the certificate on the mirror before you import it to the principal (obviously).- LumbagoMy blog (yes, I have a blog now! just not that much content yet) -> www.thefirstsql.com |
|
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2011-01-05 : 10:09:03
|
| SELECT * FROM sys.database_mirroring WHERE mirroring_guid IS NOT NULLThat query will provide status on each mirrored database, on either the principal or mirror server. |
|
|
|
mattt
Posting Yak Master
194 Posts |
Posted - 2011-01-05 : 10:22:54
|
| Brilliant, thanks a million guys. I'm cock-a-hoop about this - you've just put me back ahead of project schedule when I was a good way behind :) |
|
|
|
|
Set up mirroring