Issue:
- After upgrading to F-Secure Email and Server Security 14.x, emails are no longer quarantined. Error message: 159 Access denied
- SQL information such as instance name, database name and the user are not shown on the Web Console, neither in Policy Manager console
Resolution:
Note: When you upgrade to F-Secure Email and Server Security 14.x, you can run the installer locally or using F-Secure Policy Manager "policy based upgrade" option. Read more about this topic. However, you still need to configure few sections, as the admin guide advises to do so.
In this case, you can see the lack of permissions and configurations are not completed after the upgrade.
You can identify this behavior, by checking the logs. The product writes all logs into C:\ProgramData\F-Secure\
If you open the quarantine.log, you may be able to see a similar line:
Unable to download quarantine item because of access denied error in E-mail and Server Security
2020-01-31 17:21:06.585 [0a4c.0010] I: FQM: Deleting Qid 11518 from storage
2020-01-31 17:21:06.585 [0a4c.0010] *E: FQM: Failed to delete Qid 11518 from storage System.IO.DirectoryNotFoundException: A part of the path "C:\Program Files (x86)\F-Secure\Quarantine Manager\quarantine\XXXXXX\Q20190906_000001\Q20191209104816_11518.[eml]" could not be found.
for System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
for System.IO.File.InternalDelete(String path, Boolean checkHost)
for FSecure.Ess.Fqm.Impl.QuarantineStorage.DeleteMail(String storagePath)
with FSecure.Ess.Fqm.Impl.QuarantineProcessor.Delete()
Besides the permissions, the quarantine path was not found, so either it is not configured or it does not exist.
If you check the TransportAgent.log, you will see another error which denies the access, so the Agent can not process the items.
Exception rethrown at [0]:
for System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
for System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at FSecure.Ess.FqmApi.IQuarantineManager.QuarantineMail(Mail mail)
for FSecure.AntiVirus.Exchange.Transport.QuarantineManager.QuarantineMail(Mail mail)
for FSecure.AntiVirus.Exchange.Transport.FSMessageScanner.QuarantineMail(String strPathToSavedMail, Int64 lSavedMailSize, QuarantineReason reason, String reasonDetails, Int64& resQuarantineId, String& resErrorDescription)
2020-01-31 17:20:39.958 [36f8.0007] *E: FSecure.AntiVirus.Exchange.Transport.FSMessageScanner: QuarantineMail() Failed System.ServiceModel.Security.SecurityAccessDeniedException: Access was denied.
If you check the F-Secure.Ess.Config.log:
FSecure.ESS_Installer.ViewModel.WizardPageViewModel: Could not set user 'fqmuser' as owner for db 'FSMSE_Quarantine'. Reason: The database principal owns a schema in the database, and cannot be dropped. 2020-01-31 17:20:05.929 [39d4.0001] I: FSecure.ESS_Installer.ViewModel.WizardPageViewModel: Setected quarantine method is 'Local
To solve the issue, follow these steps:
- Run F-Secure.Ess.Config.exe as administrator from the target server. F-Secure.Ess.Config.exe is located at C:\Program Files (x86)\F-Secure\Email and Server Security\ui
- Configure the setup for an existing database or create a new database. For the database setup/deployment, you can refer to the admin guide
- Make sure that permissions are set correctly. You can refer to the F-Secure Community article for more details
Once you have performed the following:
- Run/entered the configuration locally
- All the authorizations are in place explained as above.
Proceed to open the Email and Server Security web console and test the connection to the quarantine database.
Article no: 000020341