Saving KeePass Causes Network Connection to Crash
A lightweight and easy-to-use password manager
Brought to you by:
dreichl
Menu
▾
▴
I am having an issue with a couple of my users where they will save KeePass after making changes and the database will rename to a .tmp file (which I've read is normal) but it will never convert back to the .kdbx file and the computer will loose network connectivity.
This has been happening for several months. Windows 7 machines. These users do keep their database stored on the network file server so that it's backed up. The fix is to restart the computer or to release/renew their IP address.
I found another article on changing a setting where we disabled "file transactions for writing databases" but that did not help.
Thanks,
Bethany
On Windows 10, sometimes, if the computer was allowed to go to sleep while the database is open, I will see a message immediately after waking the computer, that KeePass was unable to save the database. On Windows 10 this error resolves spontaneously shortly after the computer has stabilized (the database is successfully saved). It is possible that Windows 7 is not quite so resilient.
You could check if it helps to disable automatic database saves when the computer goes to sleep. To do so, uncheck "Lock workspace when computer is about to be suspended" in Tools>Options>Security(tab)>Options(section) and
'Automatically save when closing/locking the database' in Tools>Options>Advanced(tab)>Start and Exit(section). Also disable any triggers that save or synchronize the database and are triggered by the 'Closing database file...' events.
Otherwise, it sounds more like you are experiencing a Windows network issue than a KeePass issue, especially since releasing and renewing the IP address fixes the problem. Do create, delete, and rename file operations work across the network with other file types while KeePass is also unable to save?
Last edit: wellread1 2016-08-25
Are you using the most recent version of KeePass?
Turning off "file transactions" will prevent the writing of TMP files so I can't see how you would still have the problem. Are you sure the files are not created by someone else?
Are the users running 2 copies of KeePass?
cheers, Paul
Thanks for the suggestions, here's the responses to what's been proposed:
The issue happens when the database is saved, going to sleep is not part of the equation. The user opens the program, updates a record, hits save and they get an error about the database not being accessible. After reconnecting to the network drives, we have to remove the .tmp extension and all is good until they save again.
These users keep their database files in their directory on the file server and have full permissions. This only happens when they save their KeePass database. It's something I can replicate on demand and KeePass save is the trigger.
Yes, KeePass is updated regularly. It started early this year and impacts only a couple users. Others, like myself, save my file locally to my laptop so it's accessible when I'm off network.
File transactions are disabled and the tmp extension is created as part of the standard save protocol, according to research I've done on how the save functionality works. Each person is the sole user of their own database.
Your conclusion is incorrect. Make sure all file transaction options are off, including "extra-safe file transactions" in Tools>Options>Advanced(tab)>File Input/Output Connections(section). Once file transactions are fully disabled on every copy of KeePass that is saving to the same database location, you will not see new .tmp files created. See the KeePass documentation and posts by the developer:
https://sourceforge.net/p/keepass/discussion/329221/thread/9ea17e74/#c489/c4d5
http://keepass.info/news/n090912_2.09.html
https://sourceforge.net/p/keepass/discussion/329220/thread/03098c9b/#a707
Aside from the optional file transactions, KeePass isn't doing anything special when it saves a database file. If saving the database under normal conditions is failing, and turning off KeePass file transactions does not solve the problem, and these database are not shared, your problem is most likely caused by something external to KeePass e.g. a network problem. The fact that you need to release and renew the computer IP address to restore functionality of your network is strongly suggestive that you have a networking or OS issue, not a KeePass issue.
Your users might benefit by using a local working database and periodically synchronizing to their networked database copy. The advantage is if there is a temporary network glitch that causes network save to fail, a second attempt later may succeed. In the meantime the changes will be saved to the local copy of their database.
Last edit: wellread1 2016-08-25
While I cannot rule out a network issue, it is unlikely. We have other staff who also have their databases on the network and do not have this issue. The fact that in only happens when the user hits the save button within KeePass still causes me to link this to KeePass.
I will look at the links that you sent tomorrow when I am able to get on one of the affected user's machines.
A KeePass database save consists of a file deletion followed by writing the new file. The owner of the newly saved database will be the user that saved the file. Your network users need to have the appropriate file delete and write permissions or the save will fail.
Have you checked the file system on the problematic machines for corruption?
cheers, Paul
Our users are saving their databases to their personal folders on the network so they have the approprite permissions.
I will see if I can do that on my next maintenance window.
I'm racking my brain to recall when this started and it was when we did our routine password update cycle in February. We are on an AD setup. No one that I know of was setup to do anything but master key but I'm not sure if there's something that would tie to the AD account that would cause problems.
P.S. New to this forum, is there a way to get an email when someone posts to this?
KeePass doesn't use / know about your AD password, but if your DCs aren't synching you may get password lockouts. Check Event Viewer for Security log messages associated with the KeePass save.
Unfortunately you can only subscribe to an entire discussion, not a single thread.
cheers, Paul
I hope you back it up regularly. :)
cheers, Paul
I have a system that informs me account lockouts and that is not happening when this happens. Again, the user clicks the save button in KeePass and immediately gets an error that the database can't be accessed and they have lost all network access. I can watch in realtime with Windows Explorer open on the other monitor, click save and all the network drives switch to the red X on them.
That is indeed odd. Renewing the IP to fix it make no sense to me.
I assume it happens whether you have file transactions turned on or off?
Have you done a file system check (sfc /scannow)?
Do you have any KeePass plug-ins?
cheers, Paul