Thanks for the suggestions.  Our DBA says the NetContacts were all synchronized.  We should have about 15,000 contact licenses left so that probably isn't the problem.

Thanks for the info about decrypting connections strings and deadlock suggestion.  I checked and the string is correct.  I think dead locking might be the problem.  While it is waiting to time out I ran sp_lock in SQL Server Mangement Studio and see three lines that normally aren't there.  It says that Name_Security and UserMain are locked.   Name_Security is using Index 0 on the table and index 1 on the page.   How can I trouble shoot a deadlock problem on Name_Security?

Thanks

You may need to use SQL Profiler to run a trace of the database while the user credential creation is going on. If you can get a trace, you can figure out which command is locking (and if you can provide the entire trace, we should be able to modify the code to avoid the deadlock).

The output of sp_lock doesn't indicate deadlocks, just locks.  SQL uses locks heavily to make sure operations don't interact with each other.

Blocking is when one process can't start something until another process finishes.  This is normal and happens frequently, with no harm unless the first process takes a long time to complete.

A deadlock is when two processes are waiting for each other.  SQL detects these and clears them out quickly, so it's highly unlikely you saw them in sp_lock.

Looking at the specific values you saw:

Name_Security / TAB / 0  is a table lock.  It just means the table is in use by this connection.  The table lock prevents another connection from dropping the table or performing major structure changes on it.  Nearly every interaction with a table will create some kind of table lock.  (The 0 is meaningless for a table lock.)

Name_Security / PAG / 1  means the query is interacting with index 1, which is iName_SecurityWEB_LOGIN.  Index 1 on every table is the clustered index.  Any query that can't use another index will use the clustered index, or index 0 (heap index) if the table isn't clustered.  A page lock means that some page is being read.

In the output from sp_lock, the field that indicates blocking is when Status = WAIT.  This indicates a lock waiting for another to be released.  You can usually get the same information more easily from sp_who2, looking at the BlkBy column.  If the column is blank for all rows, then no blocking is taking place.

--
Bruce Wilson
Director, Technical Services
RSM McGladrey, Inc.

It's also possible to get a "soft" deadlock, where iMIS has two connections active, one of which is trying to access a table that is locked by the other, and iMIS is waiting on the second connection before it finishes with the first. (This is generally accidental, as we try hard to avoid doing that). SQL Server cannot detect nor avoid these situations, which is why I suggested a trace.

Thanks for your help. 

I decided to simplify the problem and not try to create a new account but only modify the username (which also times out).

I didn't see anything in the profiler that looked like it would attempt to update name_security or UserMain.  I'm told triggers don't show up in the Profiler though.  I did see some queries trying to get role information that returned nothing and I'm wondering if that is normal.  It is trying to get RoleKey and UserKey.  Another query tries to get PropertyNames, PropertyValuesString, and PropertyValuesBinary by calling dbo.aspnet_Profile_GetProperties and passing in the UserName.  That also returns nothing.   Then it calls BAEImisNameSecurityGet  passing in the NameID and that returns a record.  After that I couldn't see anything in the profile trace related to updating the username.

Tomorrow we will install a fresh version of iMIS on a seperate server with the Public View and an empty database and see if we can get iMIS to create accounts and update usernames/passwords.   Once that is working I can run the profiler and see what it looks like when it is working.

It's not an IQA query, it's a query executed by the application. Unfortunately there is no workaround.

Eric Means
System Architect, ASI

I have a client who just did a production upgraded to 15.1.2.4370 and this is an issue.  We've done some custom development on the project and they are getting ready to take a second website live.  Was the fix to a stored proc we could apply to the .4370 version?  If the client has to upgrade and retest all the business processes and the custom development this will seriously impact the budget.  The first in production can't create new logins and the golive date of the second website would be in jeapordy with a new upgrade to 15.1.2.4972.   Can you elaborate on the fix for this?

15.1.2.4730 was the version we upgraded to that fixed our problem. 

The version that had the problem for us was 15.1.1.3286 and it looks like it is fixed in version 15.1.2.4730

When a user was creating a new username and password a check was made to make sure the username was not already in use.  That database check would time out for us because we had a lot of users in our database.  I don't know of anyway to modify the sql query that was making the check but it looks like they fixed it in version 15.1.2.4730