Submit a ticketCall us

AnnouncementsAre You “Flying Blind?”

When it comes to your complex IT infrastructure, you want to ensure you have a good grasp of what’s going on to avoid any fire drills that result from guesswork. Read our white paper to learn how proactively monitoring your IT environment can help your organization while giving you peace of mind.

Get your free white paper.

Home > Success Center > Database Performance Analyzer (DPA) > DPA - Knowledgebase Articles > DPA repository user login is from an untrusted domain

DPA repository user login is from an untrusted domain

Updated July 25, 2018


When you are changing the DPA repository from SQL Server authentication to Windows authentication, the login will not connect and is said to be from an untrusted domain. 


  • DPA 
  • SQL server repository 
  • Windows authentication 


The SQL server requires the windows authentication account to use a lower level of authentication: NTLMv2 instead of Kerberos. When you see this issue on the web page, the SQL server error logs will usually have an error such as the following. These errors are not found in the DPA logs. 


2013-07-17 17:33:22.01 Logon       Error: 17806, Severity: 20, State: 14.
2013-07-17 17:33:22.01 Logon       SSPI handshake failed with error code 0x80090302, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure.  [CLIENT:]. 
2013-07-17 17:33:22.01 Logon       Error: 18452, Severity: 14, State: 1.
2013-07-17 17:33:22.01 Logon       Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. [CLIENT:]


This error is an issue with jTDS only in connecting to the instance. We need to force the use of NTLMv2 in the connection. 

  1. Add the following to the file:
  2. Restart DPA.





Last modified