Hello,
I've configure "HP Omniback" to perform backups on=20
databases servers under the account "omni_acc", when i=20
configured this account i assign this account the "System=20
Administrators" Server Role because i can=B4t did backups if=20
the account wasn=B4t assign to this role.
Now i want to give to the omni_acc account other=20
previleges since we have the "db_backupoperator" database=20
role but... i cant do the backups if the user is only=20
assign to this role. Can anybody explain to me this=20
situation?
Is not supposed that a user assign to=20
the "db_backupoperator" database role perform backups and=20
restores to databases?
How can i give permissions to a user to make backups and=20
restores of databases?
Best regards
For RESTORE you cannot use db_backup operator if the database doesn't exist, as ... the database doesn't
exist! In this case, dbcreator server role should do.
Your problem is very likely that HP wrote their software so it requires this permissions. The place to start
is the documentation for the software. If there is no, ask the vendor of the software (HP).
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://www.solidqualitylearning.com/
"CC&JM" <anonymous@.discussions.microsoft.com> wrote in message news:1919d01c44c8f$47eb8c30$a501280a@.phx.gbl...
Hello,
I've configure "HP Omniback" to perform backups on
databases servers under the account "omni_acc", when i
configured this account i assign this account the "System
Administrators" Server Role because i cant did backups if
the account wasnt assign to this role.
Now i want to give to the omni_acc account other
previleges since we have the "db_backupoperator" database
role but... i cant do the backups if the user is only
assign to this role. Can anybody explain to me this
situation?
Is not supposed that a user assign to
the "db_backupoperator" database role perform backups and
restores to databases?
How can i give permissions to a user to make backups and
restores of databases?
Best regards
Showing posts with label configure. Show all posts
Showing posts with label configure. Show all posts
Tuesday, March 27, 2012
Error executing Backup
Hello,
I've configure "HP Omniback" to perform backups on=20
databases servers under the account "omni_acc", when i=20
configured this account i assign this account the "System=20
Administrators" Server Role because i can=B4t did backups if=20
the account wasn=B4t assign to this role.
Now i want to give to the omni_acc account other=20
previleges since we have the "db_backupoperator" database=20
role but... i cant do the backups if the user is only=20
assign to this role. Can anybody explain to me this=20
situation?
Is not supposed that a user assign to=20
the "db_backupoperator" database role perform backups and=20
restores to databases?
How can i give permissions to a user to make backups and=20
restores of databases?
Best regardsFor RESTORE you cannot use db_backup operator if the database doesn't exist,
as ... the database doesn't
exist! In this case, dbcreator server role should do.
Your problem is very likely that HP wrote their software so it requires this
permissions. The place to start
is the documentation for the software. If there is no, ask the vendor of the
software (HP).
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://www.solidqualitylearning.com/
"CC&JM" <anonymous@.discussions.microsoft.com> wrote in message news:1919d01c
44c8f$47eb8c30$a501280a@.phx.gbl...
Hello,
I've configure "HP Omniback" to perform backups on
databases servers under the account "omni_acc", when i
configured this account i assign this account the "System
Administrators" Server Role because i cant did backups if
the account wasnt assign to this role.
Now i want to give to the omni_acc account other
previleges since we have the "db_backupoperator" database
role but... i cant do the backups if the user is only
assign to this role. Can anybody explain to me this
situation?
Is not supposed that a user assign to
the "db_backupoperator" database role perform backups and
restores to databases?
How can i give permissions to a user to make backups and
restores of databases?
Best regards
I've configure "HP Omniback" to perform backups on=20
databases servers under the account "omni_acc", when i=20
configured this account i assign this account the "System=20
Administrators" Server Role because i can=B4t did backups if=20
the account wasn=B4t assign to this role.
Now i want to give to the omni_acc account other=20
previleges since we have the "db_backupoperator" database=20
role but... i cant do the backups if the user is only=20
assign to this role. Can anybody explain to me this=20
situation?
Is not supposed that a user assign to=20
the "db_backupoperator" database role perform backups and=20
restores to databases?
How can i give permissions to a user to make backups and=20
restores of databases?
Best regardsFor RESTORE you cannot use db_backup operator if the database doesn't exist,
as ... the database doesn't
exist! In this case, dbcreator server role should do.
Your problem is very likely that HP wrote their software so it requires this
permissions. The place to start
is the documentation for the software. If there is no, ask the vendor of the
software (HP).
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://www.solidqualitylearning.com/
"CC&JM" <anonymous@.discussions.microsoft.com> wrote in message news:1919d01c
44c8f$47eb8c30$a501280a@.phx.gbl...
Hello,
I've configure "HP Omniback" to perform backups on
databases servers under the account "omni_acc", when i
configured this account i assign this account the "System
Administrators" Server Role because i cant did backups if
the account wasnt assign to this role.
Now i want to give to the omni_acc account other
previleges since we have the "db_backupoperator" database
role but... i cant do the backups if the user is only
assign to this role. Can anybody explain to me this
situation?
Is not supposed that a user assign to
the "db_backupoperator" database role perform backups and
restores to databases?
How can i give permissions to a user to make backups and
restores of databases?
Best regards
Error executing Backup
Hello,
I've configure "HP Omniback" to perform backups on databases servers under the account "omni_acc", when i configured this account i assign this account the "System Administrators" Server Role because i can=B4t did backups if the account wasn=B4t assign to this role.
Now i want to give to the omni_acc account other previleges since we have the "db_backupoperator" database role but... i cant do the backups if the user is only assign to this role. Can anybody explain to me this situation?
Is not supposed that a user assign to the "db_backupoperator" database role perform backups and restores to databases?
How can i give permissions to a user to make backups and restores of databases?
Best regardsFor RESTORE you cannot use db_backup operator if the database doesn't exist, as ... the database doesn't
exist! In this case, dbcreator server role should do.
Your problem is very likely that HP wrote their software so it requires this permissions. The place to start
is the documentation for the software. If there is no, ask the vendor of the software (HP).
--
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://www.solidqualitylearning.com/
"CC&JM" <anonymous@.discussions.microsoft.com> wrote in message news:1919d01c44c8f$47eb8c30$a501280a@.phx.gbl...
Hello,
I've configure "HP Omniback" to perform backups on
databases servers under the account "omni_acc", when i
configured this account i assign this account the "System
Administrators" Server Role because i can´t did backups if
the account wasn´t assign to this role.
Now i want to give to the omni_acc account other
previleges since we have the "db_backupoperator" database
role but... i cant do the backups if the user is only
assign to this role. Can anybody explain to me this
situation?
Is not supposed that a user assign to
the "db_backupoperator" database role perform backups and
restores to databases?
How can i give permissions to a user to make backups and
restores of databases?
Best regards
I've configure "HP Omniback" to perform backups on databases servers under the account "omni_acc", when i configured this account i assign this account the "System Administrators" Server Role because i can=B4t did backups if the account wasn=B4t assign to this role.
Now i want to give to the omni_acc account other previleges since we have the "db_backupoperator" database role but... i cant do the backups if the user is only assign to this role. Can anybody explain to me this situation?
Is not supposed that a user assign to the "db_backupoperator" database role perform backups and restores to databases?
How can i give permissions to a user to make backups and restores of databases?
Best regardsFor RESTORE you cannot use db_backup operator if the database doesn't exist, as ... the database doesn't
exist! In this case, dbcreator server role should do.
Your problem is very likely that HP wrote their software so it requires this permissions. The place to start
is the documentation for the software. If there is no, ask the vendor of the software (HP).
--
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://www.solidqualitylearning.com/
"CC&JM" <anonymous@.discussions.microsoft.com> wrote in message news:1919d01c44c8f$47eb8c30$a501280a@.phx.gbl...
Hello,
I've configure "HP Omniback" to perform backups on
databases servers under the account "omni_acc", when i
configured this account i assign this account the "System
Administrators" Server Role because i can´t did backups if
the account wasn´t assign to this role.
Now i want to give to the omni_acc account other
previleges since we have the "db_backupoperator" database
role but... i cant do the backups if the user is only
assign to this role. Can anybody explain to me this
situation?
Is not supposed that a user assign to
the "db_backupoperator" database role perform backups and
restores to databases?
How can i give permissions to a user to make backups and
restores of databases?
Best regards
Monday, March 26, 2012
Error during configuring distribution wizard
TITLE: Configure Distribution Wizard
An error occurred configuring SQL Server Agent.
ADDITIONAL INFORMATION:
SQL Server blocked access to procedure 'dbo.sp_set_sqlagent_properties' of component 'Agent XPs' because this component is turned off as part of the security configuration for this server. A system administrator can enable the use of 'Agent XPs' by using sp_configure. For more information about enabling 'Agent XPs', see "Surface Area Configuration" in SQL Server Books Online. (Microsoft SQL Server, Error: 15281)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=09.00.1399&EvtSrc=MSSQLServer&EvtID=15281&LinkId=20476
How do I solve this?
Thanks,
Frank
System Engineer
I think the solution is pretty clear inside the error message. Did you have problems following the instructions?|||The worst part, as with many of the error messages, the link in the error takes you to a "sorry no information is available about this problem". Don't know what broke in that process, but I have seen that exact page come up several times while checking alerts in MOM. I hope it is something that will be fixed soon because it seems pretty sad that a link in internal help provides "No Help".
Allen
|||Please execute
The following shows the available options
USE master;
GO
EXEC sp_configure 'show advanced option', '1';
RECONFIGURE;
EXEC sp_configure;
The following enables the Agent XPs
EXEC sp_configure 'Agent XPs', '1';
|||Hi,
Has anybody get the solution as I am getting the same error while installing sqlserver 2005 express on my window xp.
pls see below
TITLE: Microsoft SQL Server 2005 Setup
SQL Server Setup failed to execute a command for server configuration. The error was [Microsoft][SQL Native Client][SQL Server]Cannot add functional unit 'sp_sqlagent_get_startup_info' to component 'Agent XPs'. This unit has been already registered with the component.. Refer to the server error logs and Setup logs for detailed error information.
For help, click: http://go.microsoft.com/fwlink?LinkID=20476&ProdName=Microsoft+SQL+Server&ProdVer=9.00.3042.00&EvtSrc=setup.rll&EvtID=29521&EvtType=lib%5codbc_statement.h%40Do_sqlScript%40OdbcStatement%3a%3aexecute_batch%40sysdbupg.sql%40107%40x3bff
BUTTONS:
&Retry
Cancel
Thanks
|||SQL Server 2005 Express does not have a SQL Server agent. Nor can it be configured as a distributor.
Exactly how are you attempting to configure it as a distributor?
From http://msdn2.microsoft.com/en-us/library/ms151819.aspx
SQL Server Express cannot serve as a Publisher or Distributor. However, merge replication allows changes to be replicated in both directions between a Publisher and Subscriber.
|||try this :
Change the system date to cureent day
Error during configuring distribution wizard
TITLE: Configure Distribution Wizard
An error occurred configuring SQL Server Agent.
ADDITIONAL INFORMATION:
SQL Server blocked access to procedure 'dbo.sp_set_sqlagent_properties' of component 'Agent XPs' because this component is turned off as part of the security configuration for this server. A system administrator can enable the use of 'Agent XPs' by using sp_configure. For more information about enabling 'Agent XPs', see "Surface Area Configuration" in SQL Server Books Online. (Microsoft SQL Server, Error: 15281)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=09.00.1399&EvtSrc=MSSQLServer&EvtID=15281&LinkId=20476
How do I solve this?
Thanks,
Frank
System Engineer
I think the solution is pretty clear inside the error message. Did you have problems following the instructions?|||The worst part, as with many of the error messages, the link in the error takes you to a "sorry no information is available about this problem". Don't know what broke in that process, but I have seen that exact page come up several times while checking alerts in MOM. I hope it is something that will be fixed soon because it seems pretty sad that a link in internal help provides "No Help".
Allen
|||Please execute
The following shows the available options
USE master;
GO
EXEC sp_configure 'show advanced option', '1';
RECONFIGURE;
EXEC sp_configure;
The following enables the Agent XPs
EXEC sp_configure 'Agent XPs', '1';
|||
Hi,
Has anybody get the solution as I am getting the same error while installing sqlserver 2005 express on my window xp.
pls see below
TITLE: Microsoft SQL Server 2005 Setup
SQL Server Setup failed to execute a command for server configuration. The error was [Microsoft][SQL Native Client][SQL Server]Cannot add functional unit 'sp_sqlagent_get_startup_info' to component 'Agent XPs'. This unit has been already registered with the component.. Refer to the server error logs and Setup logs for detailed error information.
For help, click: http://go.microsoft.com/fwlink?LinkID=20476&ProdName=Microsoft+SQL+Server&ProdVer=9.00.3042.00&EvtSrc=setup.rll&EvtID=29521&EvtType=lib%5codbc_statement.h%40Do_sqlScript%40OdbcStatement%3a%3aexecute_batch%40sysdbupg.sql%40107%40x3bff
BUTTONS:
&Retry
Cancel
Thanks
|||SQL Server 2005 Express does not have a SQL Server agent. Nor can it be configured as a distributor.
Exactly how are you attempting to configure it as a distributor?
From http://msdn2.microsoft.com/en-us/library/ms151819.aspx
SQL Server Express cannot serve as a Publisher or Distributor. However, merge replication allows changes to be replicated in both directions between a Publisher and Subscriber. |||try this :
Change the system date to cureent day
sqlError during configuring distribution wizard
TITLE: Configure Distribution Wizard
An error occurred configuring SQL Server Agent.
ADDITIONAL INFORMATION:
SQL Server blocked access to procedure 'dbo.sp_set_sqlagent_properties' of component 'Agent XPs' because this component is turned off as part of the security configuration for this server. A system administrator can enable the use of 'Agent XPs' by using sp_configure. For more information about enabling 'Agent XPs', see "Surface Area Configuration" in SQL Server Books Online. (Microsoft SQL Server, Error: 15281)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=09.00.1399&EvtSrc=MSSQLServer&EvtID=15281&LinkId=20476
How do I solve this?
Thanks,
Frank
System Engineer
I think the solution is pretty clear inside the error message. Did you have problems following the instructions?|||The worst part, as with many of the error messages, the link in the error takes you to a "sorry no information is available about this problem". Don't know what broke in that process, but I have seen that exact page come up several times while checking alerts in MOM. I hope it is something that will be fixed soon because it seems pretty sad that a link in internal help provides "No Help".
Allen
|||Please execute
The following shows the available options
USE master;
GO
EXEC sp_configure 'show advanced option', '1';
RECONFIGURE;
EXEC sp_configure;
The following enables the Agent XPs
EXEC sp_configure 'Agent XPs', '1';
|||Hi,
Has anybody get the solution as I am getting the same error while installing sqlserver 2005 express on my window xp.
pls see below
TITLE: Microsoft SQL Server 2005 Setup
SQL Server Setup failed to execute a command for server configuration. The error was [Microsoft][SQL Native Client][SQL Server]Cannot add functional unit 'sp_sqlagent_get_startup_info' to component 'Agent XPs'. This unit has been already registered with the component.. Refer to the server error logs and Setup logs for detailed error information.
For help, click: http://go.microsoft.com/fwlink?LinkID=20476&ProdName=Microsoft+SQL+Server&ProdVer=9.00.3042.00&EvtSrc=setup.rll&EvtID=29521&EvtType=lib%5codbc_statement.h%40Do_sqlScript%40OdbcStatement%3a%3aexecute_batch%40sysdbupg.sql%40107%40x3bff
BUTTONS:
&Retry
Cancel
Thanks
|||SQL Server 2005 Express does not have a SQL Server agent. Nor can it be configured as a distributor.
Exactly how are you attempting to configure it as a distributor?
From http://msdn2.microsoft.com/en-us/library/ms151819.aspx
SQL Server Express cannot serve as a Publisher or Distributor. However, merge replication allows changes to be replicated in both directions between a Publisher and Subscriber.
|||try this :
Change the system date to cureent day
Error during configuring distribution wizard
TITLE: Configure Distribution Wizard
An error occurred configuring SQL Server Agent.
ADDITIONAL INFORMATION:
SQL Server blocked access to procedure 'dbo.sp_set_sqlagent_properties' of component 'Agent XPs' because this component is turned off as part of the security configuration for this server. A system administrator can enable the use of 'Agent XPs' by using sp_configure. For more information about enabling 'Agent XPs', see "Surface Area Configuration" in SQL Server Books Online. (Microsoft SQL Server, Error: 15281)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=09.00.1399&EvtSrc=MSSQLServer&EvtID=15281&LinkId=20476
How do I solve this?
Thanks,
Frank
System Engineer
I think the solution is pretty clear inside the error message. Did you have problems following the instructions?|||The worst part, as with many of the error messages, the link in the error takes you to a "sorry no information is available about this problem". Don't know what broke in that process, but I have seen that exact page come up several times while checking alerts in MOM. I hope it is something that will be fixed soon because it seems pretty sad that a link in internal help provides "No Help".
Allen
|||Please execute
The following shows the available options
USE master;
GO
EXEC sp_configure 'show advanced option', '1';
RECONFIGURE;
EXEC sp_configure;
The following enables the Agent XPs
EXEC sp_configure 'Agent XPs', '1';
|||
Hi,
Has anybody get the solution as I am getting the same error while installing sqlserver 2005 express on my window xp.
pls see below
TITLE: Microsoft SQL Server 2005 Setup
SQL Server Setup failed to execute a command for server configuration. The error was [Microsoft][SQL Native Client][SQL Server]Cannot add functional unit 'sp_sqlagent_get_startup_info' to component 'Agent XPs'. This unit has been already registered with the component.. Refer to the server error logs and Setup logs for detailed error information.
For help, click: http://go.microsoft.com/fwlink?LinkID=20476&ProdName=Microsoft+SQL+Server&ProdVer=9.00.3042.00&EvtSrc=setup.rll&EvtID=29521&EvtType=lib%5codbc_statement.h%40Do_sqlScript%40OdbcStatement%3a%3aexecute_batch%40sysdbupg.sql%40107%40x3bff
BUTTONS:
&Retry
Cancel
Thanks
|||SQL Server 2005 Express does not have a SQL Server agent. Nor can it be configured as a distributor.
Exactly how are you attempting to configure it as a distributor?
From http://msdn2.microsoft.com/en-us/library/ms151819.aspx
SQL Server Express cannot serve as a Publisher or Distributor. However, merge replication allows changes to be replicated in both directions between a Publisher and Subscriber. |||try this :
Change the system date to cureent day
Wednesday, March 7, 2012
Error connecting to OLEDB for DB2
I'm attempting to configure a new Microsoft OLE DB Provider for DB2 connection using the provided Data Access Tool and Wizard. I'm configured for DB2\MVS TCP/IP and have my Catalog and other defaults set. When I go to connect I get the following:
Could not connect to data source 'New Data Source':
An internal network library error has occurred. A network level conversational protocol error has occurred. SQLSTATE: HY000, SQLCODE: -343
The port I've configured is what is used when we use the IBM OLE DB and ODBC drivers. Where can I look to see what the problem is?
Thanks,
Mike
I'm moving your thread to the Data Access forum as you'll have a greater chance of having an OLEDB question answered.|||Hi,
some OLEDB providers have the functionality for logging implemented which can be turned on with a flag on the client side, this should give you more information about the error you ar egetting. The Provider flags are very specific so you should look in the documentation of the used provider.
HTH, jens Suessmeyer.
http://www.sqlserver2005.de
Sunday, February 26, 2012
error configure
Hi every1,
I have problem about configuration in Merge Replication.
First, I configure for SQL Server 2000, expand Replication> Publication>New Publication>Choose Publication Database, I choose pubs>Select Publication Type, choose Merge Replication>Specify Subscribers Type, choose Servers running SQL Server 2000 and Devices running SQL Server CE>Specify article (ex. authors)…>Finish. I configure succeeded (A snapshot of 1 article(s) is generated).
Snapshot folder reference to path: \\server_name\C$\Program Files\Microsoft SQL Server 2005 Mobile Edition\Server\Replication
Next, I configure for SQL Server Mobile Agent, Subscriber Type, choose SQL Server Mobile Edition>Web server, choose Create a new virtual directory>Alias: Replication (reference to the path: C:\Program Files\Microsoft SQL Server 2005 Mobile Edition\Server\Replication)..>Client Authentication, choose Client will connect anonymously….>Snapshot share access, enter \\server_name\Replication =>error: The share '\\server_name\Replication'cannot be accessed. Please specify a new share. Why that?
I want to ask u I configure that correctly? If Subscriber is Pocket PC Emulator, what is subscriber ’sproperty of SqlCeReplication (Windows PocketPC Emulator?)?
Plz help me. Thanks so much.
I need your help very much. Please.|||Firstly you should not use \\server_name\c$\.... By C$ you are assuming that the login that syncs has access to this machine's c$.
You should use a share: \\servername\repl.
Then give this share name created in the Configure virtual directory.
And I do not understand your last question about emulator.
error configure
Hi every1,
I have problem about configuration in Merge Replication.
First, I configure for SQL Server 2000, expand Replication> Publication>New Publication>Choose Publication Database, I choose pubs>Select Publication Type, choose Merge Replication>Specify Subscribers Type, choose Servers running SQL Server 2000 and Devices running SQL Server CE>Specify article (ex. authors)…>Finish. I configure succeeded (A snapshot of 1 article(s) is generated).
Snapshot folder reference to path: \\server_name\C$\Program Files\Microsoft SQL Server 2005 Mobile Edition\Server\Replication
Next, I configure for SQL Server Mobile Agent, Subscriber Type, choose SQL Server Mobile Edition>Web server, choose Create a new virtual directory>Alias: Replication (reference to the path: C:\Program Files\Microsoft SQL Server 2005 Mobile Edition\Server\Replication)..>Client Authentication, choose Client will connect anonymously….>Snapshot share access, enter \\server_name\Replication =>error: The share '\\server_name\Replication'cannot be accessed. Please specify a new share. Why that?
I want to ask u I configure that correctly? If Subscriber is Pocket PC Emulator, what is subscriber ’sproperty of SqlCeReplication (Windows PocketPC Emulator?)?
Plz help me. Thanks so much.
I need your help very much. Please.|||Firstly you should not use \\server_name\c$\.... By C$ you are assuming that the login that syncs has access to this machine's c$.
You should use a share: \\servername\repl.
Then give this share name created in the Configure virtual directory.
And I do not understand your last question about emulator.
Friday, February 17, 2012
Error after service account removed from "SQLServer2005MSSQLUser" Group
I am attempting to configure my SQL Server instance to use a service account with the minimum privileges. I thought I had everything configured correctly, when I realized that having the service account as a member of the "SQLServer2005MSSQLUser" Windows Group meant that the service account was now in the "sysadmin" fixed server role. This was not the configuration I wanted.
I went through the Books Online article "Setting Up Windows Service Accounts" and made sure the login had access to the appropriate folders used by SQL Server. Then I stopped the SQL Server service and tried to restart it, without success. These are the error messages:
Code Snippet
SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.
Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.
FCB::Open failed: Could not open file E:\MSSQL$STAGING\Data\model.mdf for file number 1. OS error: 5(Access is denied.).
TDSSNIClient initialization failed with error 0x5, status code 0x1.
TDSSNIClient initialization failed with error 0x5, status code 0x90.
I checked some other posts on this board, and they suggested the problem might be that the "VIA" protocol was enabled. I checked for this protocol in the Configuration Manager, and it is DISABLED in both the SQL Server 2005 Network Configuration and the SQL Native Client Configuration. What else could be causing this error?
The errors do not occur when I add the service account back to the "SQLServer2005MSSQLUser" Windows Group. The SQL Server service starts successfully when the account is back in this group.
Here are my answers to the questions posted at the top of this board:
What is the MS SQL version? - SQL Server 2005 SP2 (9.00.3054.00)
What is the SKU of MS SQL? - Enterprise Edition (SKU ID: 1804890536)
What is the SQL Server Protocol enabled? - TCPIP, Named Pipes
Does the server start successfully? - NO
If not what is the error messages in the SQL server ERRORLOG? - See above.
If SQL Server is a named instance, is the SQL browser enabled? - YES
What is the account that the SQL Server is running under? - Domain Account
Do you make firewall exception for your SQL server TCP port if you want connect remotely through TCP provider? Not applicable, Windows Firewall is not used
Do you make firewall exception for SQL Browser UDP port 1434?
Not Applicable, Windows Firewall is not used
Hi Ken,
You seem to be facing multiple problems with the account setup. First of all - make sure you have granted it read/write access to the folders where databases are located (especially the E:\MSSQL$STAGING\Data).
The next thing to do is grant the account access to the registry, in particular [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer] and subfolders + [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server] and subfolders.
The status code of 0x90 above probably indicates the inability of the service to access a registry entry called ProtocolList, it is usually under [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\SuperSocketNetLib], it is for SQL 2k compatibility purposes. What you can do is to capture a RegMon from a service startup attempt (http://www.microsoft.com/technet/sysinternals/utilities/regmon.mspx) and look for access denied entries in it. Based on that you can grant access and go from there. Similar for files - you could use FileMon (http://www.microsoft.com/technet/sysinternals/FileAndDisk/Filemon.mspx).
More information about the initialization failure status codes is available here: http://blogs.msdn.com/sql_protocols/archive/2006/04/28/585835.aspx.
HTH,
Jivko Dobrev - MSFT
--
This posting is provided "AS IS" with no warranties, and confers no rights.
Thank you, I was looking for a way to see the Registry access.
As far as the database files, here are the folders the account has "Full Control" over:
E:\MSSQL$STAGING\MSSQL.4\MSSQL (Stores the files for the system databases)
E:\MSSQL$STAGING\Data (Stores the files for all other databases)
I orginally granted the account "Full Control" at the parent folder (E:\MSSQL$STAGING), but this did not work.
I'll try out your suggestions and post back later.
|||I'll need some more time to learn how to use regmon. It was returning far too much data to be useful.
I did a search for "SuperSocketNetLib" within the Registry Editor. I found it in the following keys:
Code Snippet
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL.1\MSSQLServer\SuperSocketNetLib
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL.4\MSSQLServer\SuperSocketNetLib
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\STAGING\MSSQLServer\SuperSocketNetLib
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\Client\SuperSocketNetLib
I granted the service account "Full Control" on the first four keys I listed. The account already had "Read" permissions on "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\Client\SuperSocketNetLib" due to its membership in the "SQLServerBrowserUser" Windows group.
After making these changes, I was able to start the SQL Server service. Everything appeared to be working until I checked EventViewer. The following error was rapidly filling the Application Log:
Code Snippet
UpdateUptimeRegKey: Operating system error 5(Access is denied.) encountered.I searched the Registry for both "UpdateUptime" and "UpdateUptimeRegKey" and found nothing. Is this a Registry key or is this something else?
My next step is to grant the service account "Full Control" over the following keys:
Code Snippet
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server (and subfolders)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer (and subfolders)
You had told me to do this but I hadn't done so.
I'll post back later with additional results.
|||Granting the service account "Full Control" over "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server (and subfolders)" and "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer (and subfolders)" resolved the errors for "UpdateUptimeRegKey".
I was now able to start the service and keep it running without any further Windows errors. Unfortunately, I now started receiving errors within SQL Server. Two developers were trying to execute a stored procedure. They received the following error:
"An error occurred during decryption"
I did some research, and found out the error refers to the Service Master Key. Once again, the error disappears when I add the service account back to "SQLServer2005MSSQLUser".
Am I going to need to rebuild the master database in order to accomplish this change?
|||Hi Ken!
In the last few days I've tried to do exactly the same as you. I become a task to audit an MSSQL 2005 Standard server. I realised that the SQL server was originaly intalled to run the service under the Administrator account. So as in many reference, I try to change also the account to use a service account with the minimum privileges. Which is the 'NT AUTHORITY\NetworkService'. After it, I try to start the service and my problems began. I resolved step-by-step the same problems as you. Registry keys permission change, checking folders permissions and so on. Even I must change some settings with the Component Service Manager to let Local Activation for Microsoft Search FTE Admin. Anyway, at the end I still have this error message in the Event Viewer just as you.
So my question is that have you find out how can this error resolved? Or somebody else?
Many thanks!
|||Actually, I discovered I misunderstood the new security model for SQL Server. My misunderstanding was that I thought that the SQL Server service account should NOT be a member of the "sysadmin" fixed server role. It turns out that the account IS supposed to be a member of "sysadmin". Therefore, the is no reason to remove the service account from the SQLServer2005MSSQLUser" group.
The documentation in SQL Server Books Online needs to be revised to make this clear. When you read the Books Online article "Setting Up Windows Service Accounts", this is what it says in the "Reviewing Windows Permissions for SQL Server Services", in the "Required permissions" column:
Local user is recommended.
Under "Minimum permissions", it says the following:
"The account must be in the list of accounts that have "List Folder" permissions on the root drive where SQL Server is installed, and on the root of any other drive where SQL Server files are stored." and "The account must have "Full Control" permissions over any folders where data or log files (.mdf, .ndf, .ldf) will reside."
There is not one word about the requirement that the account be a sysadmin. By contrast, here is what the same article says about the Minimum permissions for the SQL Server Agent service account:
"The account must be a member of the sysadmin fixed server role."
Maybe Microsoft just assumed that we would know that the service account needed to be a sysadmin.
Microsoft could save us all a lot of headaches if they would include this simple statement with the information for the SQL Server service account.
Error after service account removed from "SQLServer2005MSSQLUser" Group
I am attempting to configure my SQL Server instance to use a service account with the minimum privileges. I thought I had everything configured correctly, when I realized that having the service account as a member of the "SQLServer2005MSSQLUser" Windows Group meant that the service account was now in the "sysadmin" fixed server role. This was not the configuration I wanted.
I went through the Books Online article "Setting Up Windows Service Accounts" and made sure the login had access to the appropriate folders used by SQL Server. Then I stopped the SQL Server service and tried to restart it, without success. These are the error messages:
Code Snippet
SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.
Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.
FCB::Open failed: Could not open file E:\MSSQL$STAGING\Data\model.mdf for file number 1. OS error: 5(Access is denied.).
TDSSNIClient initialization failed with error 0x5, status code 0x1.
TDSSNIClient initialization failed with error 0x5, status code 0x90.
I checked some other posts on this board, and they suggested the problem might be that the "VIA" protocol was enabled. I checked for this protocol in the Configuration Manager, and it is DISABLED in both the SQL Server 2005 Network Configuration and the SQL Native Client Configuration. What else could be causing this error?
The errors do not occur when I add the service account back to the "SQLServer2005MSSQLUser" Windows Group. The SQL Server service starts successfully when the account is back in this group.
Here are my answers to the questions posted at the top of this board:
What is the MS SQL version? - SQL Server 2005 SP2 (9.00.3054.00)
What is the SKU of MS SQL? - Enterprise Edition (SKU ID: 1804890536)
What is the SQL Server Protocol enabled? - TCPIP, Named Pipes
Does the server start successfully? - NO
If not what is the error messages in the SQL server ERRORLOG? - See above.
If SQL Server is a named instance, is the SQL browser enabled? - YES
What is the account that the SQL Server is running under? - Domain Account
Do you make firewall exception for your SQL server TCP port if you want connect remotely through TCP provider? Not applicable, Windows Firewall is not used
Do you make firewall exception for SQL Browser UDP port 1434?
Not Applicable, Windows Firewall is not used
Hi Ken,
You seem to be facing multiple problems with the account setup. First of all - make sure you have granted it read/write access to the folders where databases are located (especially the E:\MSSQL$STAGING\Data).
The next thing to do is grant the account access to the registry, in particular [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer] and subfolders + [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server] and subfolders.
The status code of 0x90 above probably indicates the inability of the service to access a registry entry called ProtocolList, it is usually under [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\SuperSocketNetLib], it is for SQL 2k compatibility purposes. What you can do is to capture a RegMon from a service startup attempt (http://www.microsoft.com/technet/sysinternals/utilities/regmon.mspx) and look for access denied entries in it. Based on that you can grant access and go from there. Similar for files - you could use FileMon (http://www.microsoft.com/technet/sysinternals/FileAndDisk/Filemon.mspx).
More information about the initialization failure status codes is available here: http://blogs.msdn.com/sql_protocols/archive/2006/04/28/585835.aspx.
HTH,
Jivko Dobrev - MSFT
--
This posting is provided "AS IS" with no warranties, and confers no rights.
Thank you, I was looking for a way to see the Registry access.
As far as the database files, here are the folders the account has "Full Control" over:
E:\MSSQL$STAGING\MSSQL.4\MSSQL (Stores the files for the system databases)
E:\MSSQL$STAGING\Data (Stores the files for all other databases)
I orginally granted the account "Full Control" at the parent folder (E:\MSSQL$STAGING), but this did not work.
I'll try out your suggestions and post back later.
|||I'll need some more time to learn how to use regmon. It was returning far too much data to be useful.
I did a search for "SuperSocketNetLib" within the Registry Editor. I found it in the following keys:
Code Snippet
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL.1\MSSQLServer\SuperSocketNetLib
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL.4\MSSQLServer\SuperSocketNetLib
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\STAGING\MSSQLServer\SuperSocketNetLib
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\Client\SuperSocketNetLib
I granted the service account "Full Control" on the first four keys I listed. The account already had "Read" permissions on "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\Client\SuperSocketNetLib" due to its membership in the "SQLServerBrowserUser" Windows group.
After making these changes, I was able to start the SQL Server service. Everything appeared to be working until I checked EventViewer. The following error was rapidly filling the Application Log:
Code Snippet
UpdateUptimeRegKey: Operating system error 5(Access is denied.) encountered.I searched the Registry for both "UpdateUptime" and "UpdateUptimeRegKey" and found nothing. Is this a Registry key or is this something else?
My next step is to grant the service account "Full Control" over the following keys:
Code Snippet
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server (and subfolders)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer (and subfolders)
You had told me to do this but I hadn't done so.
I'll post back later with additional results.
|||Granting the service account "Full Control" over "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server (and subfolders)" and "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer (and subfolders)" resolved the errors for "UpdateUptimeRegKey".
I was now able to start the service and keep it running without any further Windows errors. Unfortunately, I now started receiving errors within SQL Server. Two developers were trying to execute a stored procedure. They received the following error:
"An error occurred during decryption"
I did some research, and found out the error refers to the Service Master Key. Once again, the error disappears when I add the service account back to "SQLServer2005MSSQLUser".
Am I going to need to rebuild the master database in order to accomplish this change?
|||Hi Ken!
In the last few days I've tried to do exactly the same as you. I become a task to audit an MSSQL 2005 Standard server. I realised that the SQL server was originaly intalled to run the service under the Administrator account. So as in many reference, I try to change also the account to use a service account with the minimum privileges. Which is the 'NT AUTHORITY\NetworkService'. After it, I try to start the service and my problems began. I resolved step-by-step the same problems as you. Registry keys permission change, checking folders permissions and so on. Even I must change some settings with the Component Service Manager to let Local Activation for Microsoft Search FTE Admin. Anyway, at the end I still have this error message in the Event Viewer just as you.
So my question is that have you find out how can this error resolved? Or somebody else?
Many thanks!
|||Actually, I discovered I misunderstood the new security model for SQL Server. My misunderstanding was that I thought that the SQL Server service account should NOT be a member of the "sysadmin" fixed server role. It turns out that the account IS supposed to be a member of "sysadmin". Therefore, the is no reason to remove the service account from the SQLServer2005MSSQLUser" group.
The documentation in SQL Server Books Online needs to be revised to make this clear. When you read the Books Online article "Setting Up Windows Service Accounts", this is what it says in the "Reviewing Windows Permissions for SQL Server Services", in the "Required permissions" column:
Local user is recommended.
Under "Minimum permissions", it says the following:
"The account must be in the list of accounts that have "List Folder" permissions on the root drive where SQL Server is installed, and on the root of any other drive where SQL Server files are stored." and "The account must have "Full Control" permissions over any folders where data or log files (.mdf, .ndf, .ldf) will reside."
There is not one word about the requirement that the account be a sysadmin. By contrast, here is what the same article says about the Minimum permissions for the SQL Server Agent service account:
"The account must be a member of the sysadmin fixed server role."
Maybe Microsoft just assumed that we would know that the service account needed to be a sysadmin.
Microsoft could save us all a lot of headaches if they would include this simple statement with the information for the SQL Server service account.
Subscribe to:
Posts (Atom)