Hi, I'm having issues with the connection of a V10.3.1 Desktop to SQL Sever 2016, similar to a previous poster with SQL 2012 and V10.1 Desktop - I have already searched the forums and checked all the recommended items. Yes, I am well aware that V10.3.1 is not certified to work with SQL 2016; however, neither is V10.2.2 and we have that running on an OS 2016/SQL 2016 box (legacy software that can't be upgraded as of yet).
My issue is extremely vexing to me and obviously ESRI support as well - I'm at level 2 support right now with my support ticket. I am reaching out to the community to see if anyone else has run into this issue.
I can connect with V10.3.1 to three different servers with OS 2016/SQL 2016 on them that were built approximately 6-9 months ago (maybe longer) with a VM template. I do believe that the VM template was tweaked between those builds and the current version of the template. All of the servers built on the current VM template OS 2016/SQL 2016 are unreachable with V10.3.1 UNLESS SSMS is installed or the newest V10.6.1 is installed! It is not the driver for SQL 2016 from ESRI download as ArcPro can connect to all of the servers - old and new alike. I've been inspecting the Local Security Policies and haven't found any differences. Also a mixture of V10.2.2 SDE, V10.3.1 SDE and V10.6.1 SDE on these various servers.
The sdedc_SQL_Server.log has:
CAN'T OPEN INSTANCE: sde:sqlserver
Spatial Engine Connection Failed (-409)
Cannot Get Access to Instance sde:sqlserver
Creating OLE connection in ArcCatalog gets:
[DBNETLIB][ConnecitonOpen (SECDoCLientHandshake()).]SSL Security error.
Checked Registry on desktop machine TLS is not listed in SecurityProviders at all
Checked Registry on server TLS 1.0 and 1.2 are listed in Security Providers
TLS 1.0 as Enabled 0, Disabled by Default 1
TLS 1.2 as Enabled 1
Upgrading to V10.6.1 IS NOT a complete option for us as we have some users with legacy software that will not work with anything newer than V10.3.1. Also, installation of SSMS on these machines is not an option either, as these folks have no business with that installed.
Items checked so far:
Windows Defender (firewall) turned off - security policy as we use Symantic
.NET Framework 4.5.x installed on server
.NET Framework 4.7.x installed on desktop
One instance of SQL on the server
Can ping the servers
Can connect to SDE via SSMS or ArcCatalog on server using either AD or SQL logins
Cannot connect to SDE via ArcCatalog on Desktop using either AD or SQL logins
One server has SQL 2016 SP2 installed, others are at SP1
MS ODBC connection from client machine works fine
TLS 1.0, 1.1, and 1.2 are checked on for client machine, SSL 2.0 and 3.0 are unchecked
TLS 1.0, 1.1, and 1.2 are checked on for server, SSL 3.0 is unchecked
Thanks for any help that can be offered.
I have seen something like this when 10.4.x was released and the minimum SQL Server version was 2012 and some of the 10.4.x clients could connect with no issues if SQL Server was still on 2008R2, but others could not.
I am not sure exactly why that behavior is present. It does seem odd that it works on some GDB's and an "older" client.