Re: Problems installing SQL Server 2005 in two node cluster
- From: "Geoff N. Hiten" <SQLCraftsman@xxxxxxxxx>
- Date: Mon, 17 Nov 2008 16:45:11 -0500
Correct, the SQL Server service account does not need to be a local admin.
--
Geoff N. Hiten
Principal SQL Infrastructure Consultant
Microsoft SQL Server MVP
<rangerchris@xxxxxxxxx> wrote in message news:f07c0557-fbda-4316-9886-7e474545079f@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I did get it installed eventually -- by setting the user as a domain
administrator (more out of frustration than anything else). I'll take
heed of your warning though and downgrade the domain admin to the user
being a local admin on each node, but that doesn't really get me to
the root cause of the problem: oddness with permissions.
I'm assuming that SQL Server 2005 doesn't need to be an administrator
account (I've not read anything otherwise); is there any more
information on this, one way or the other that I've missed?
Cheers,
Chris
On Nov 13, 2:00 am, "Geoff N. Hiten" <SQLCrafts...@xxxxxxxxx> wrote:
You might want to tear down and rebuild theclusterfrom scratch. Short of
that make sure you are not using domain admin-level accounts for the service
accounts. SQLhas some strange reactions to that.
--
Geoff N. Hiten
PrincipalSQLInfrastructure Consultant
MicrosoftSQLServerMVP
<rangerch...@xxxxxxxxx> wrote in message
news:15640a78-54a4-4fab-976b-4e3114672f1e@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> I'm trying to install a clustered version ofSQLServer2005on
> WindowsServer2003, and I've no got to the point where I'm not sure
> what's going on.
> Effectively, everything goes smoothly until the installer attempts to
> startSQLServeron the active node, at which point I get a dialogue
> box that states:
> "TheSQLServerservice failed to start. For more information, see the
>SQLServerBooks Online topics, "How to: ViewSQLServer2005Setup
> Log Files" and "StartingSQLServerManually".
> The Setup Log is dumping this text:
> --------------------------------------------------
> Error Code: 17058
> MSI (s) (B8!14) [15:36:13:011]: Product: MicrosoftSQLServer2005--
> Error 29503. TheSQLServerservice failed to start. For more
> information, see theSQLServerBooks Online topics, "How to: ViewSQL
>Server2005Setup Log Files" and "StartingSQLServerManually."
> The error is (17058) .
> Error 29503. TheSQLServerservice failed to start. For more
> information, see theSQLServerBooks Online topics, "How to: ViewSQL
>Server2005Setup Log Files" and "StartingSQLServerManually."
> The error is (17058) .
> <Func Name='GetCAContext'>
> <EndFunc Name='GetCAContext' Return='T' GetLastError='0'>
> Doing Action: Do_sqlScript
> PerfTime Start: Do_sqlScript : Mon Nov 10 15:36:13 2008
> Service MSSQLSERVER with parameters '-m SqlSetup -Q -
> qLatin1_General_CI_AS -T4022 -T3659 -T3610 -T4010' is being started at
> Mon Nov 10 15:36:13 2008
> Service failed unexpectedly (17058)
> Error Code: 0x800742a2 (17058)
> Windows Error Text: Source File Name: sqlsetuplib\service.cpp
> Compiler Timestamp: Fri Sep 16 13:20:122005
> Function Name: sqls::Service::Start
> Source Line Number: 301
> --------------------------------------------------
> I'm not getting aSQLError log, and looking in Event Viewer, I'm
> seeing these two errors:
> initerrlog: Could not open error log file 'Y:\MicrosoftSQLServer
> \MSSQL.1\MSSQL\LOG\ERRORLOG'. Operating system error = 5(error not
> found).
> UpdateUptimeRegKey: Operating system error 5(error not found)
> encountered.
> Now looking in Y:\..., ERRORLOG doesn't exist. So I've created it
> manually ("copy con ERRORLOG" from the command line), validated
> permissions:
> --------------------------------------------------
> Y:\MicrosoftSQLServer\MSSQL.1\MSSQL\LOG>cacls *
> Y:\MicrosoftSQLServer\MSSQL.1\MSSQL\LOG\ERRORLOG DEVTEST
> \SqlServer2005Agent:F
> DEVTEST
> \SqlServer2005:F
> BUILTIN
> \Administrators:F
> NT AUTHORITY
> \SYSTEM:F
> Y:\MicrosoftSQLServer\MSSQL.1\MSSQL\LOG>
> --------------------------------------------------
> ...and tried again. Still not starting, and ERRORLOG is 0 bytes in
> size. Now I've fired up the sysinternal's tool PROCMON to dig a bit
> deeper to see what I'm missing, and I'm seeing this:
> --------------------------------------------------
> Sequence: 29706
> Date & Time: 10/11/2008 15:43:38
> Event Class: File System
> Operation: CreateFile
> Result: ACCESS DENIED
> Path: Y:\MicrosoftSQLServer\MSSQL.1\MSSQL\LOG\ERRORLOG
> TID: 676
> Duration: 0.0000322
> Desired Access: Generic Write, Read Attributes
> Disposition: OpenIf
> Options: Synchronous IO Non-Alert, Non-Directory File, Open No Recall
> Attributes: N
> ShareMode: Read
> AllocationSize: 0
> --------------------------------------------------
> ...and the process is (according to procmon) running as NT AUTHORITY
> \SYSTEM.
> Two things strike me as odd:
> 1. NT AUTHORITY\SYSTEM has Full access to the ERRORLOG file and
> directory.
> 2. In services.msc, the process is configured to start as a named
> domainuser(DEVTEST\sqlsrv - a member of the group DEVTEST
> \SqlServer2005) and *NOT* a built-in (LocalSystem, NetworkService,
> etc)
> Starting the service from services.msc still shows sqlservr.exe trying
> to access the file as NT AUTHORITY\SYSTEM, and I get the same errors
> in the event log: I don't understand why it isn't trying to connect to
> the file as the configured domainuser.
> Background to thecluster:
> * Two nodes running WindowsServer2003 with MSCS
> * Used to hostSQLServer2000
> *Server2000 uninstalled usingSQLServer2000 CD
> * This is the fifth (I think) attempt at installation, and I've had
> the same error each time: attempted resolutions include:
> -> Making sure I have the correct permissions (I'm a domain admin and
> have the rights as defined at [1])
> -> Ensuring all oldSQLclusterresources are purged fromCluster
>Administrator
> -> Physically deleting allSQLServerdirectories from the two
> servers and the shared RAID array
> -> Purging the setup files from the registry with the Windows Install
> Clean-up tool
> -> Purging registry entries from HKLM\SOFTWARE\Microsoft releated to
>SQLServer
> -> Purging the services from HKLM\SYSTEM\CurrentControlSet\Services
> I'm not sure what else I can do: as far as I'm aware, everything is
> set-up correctly. NetBIOS is off the network cards, I have the right
> rights, the domain groups configured forSQLServer, Agent and FT
> Search are each Domain Local - Security and these seems to be getting
> the right rights from what I can see in the Local Security Policy snap-
> in.
> I've googled and all the main candidates (crypto services not running;
> permissions; NetBIOS enabled) I've all accounted for.
> Suggestions on a postcard please -- more information can be provided
> if requested.
> Cheers,
> Chris...
> [1]http://msdn.microsoft.com/en-us/library/ms189910(SQL.90).aspx
.
- References:
- Problems installing SQL Server 2005 in two node cluster
- From: rangerchris
- Re: Problems installing SQL Server 2005 in two node cluster
- From: Geoff N. Hiten
- Re: Problems installing SQL Server 2005 in two node cluster
- From: rangerchris
- Problems installing SQL Server 2005 in two node cluster
- Prev by Date: Re: Problems installing SQL Server 2005 in two node cluster
- Next by Date: Re: Problem when dettaching databases
- Previous by thread: Re: Problems installing SQL Server 2005 in two node cluster
- Next by thread: Network Binding Order Warning when setup sql 2008 cluster on win20
- Index(es):
Relevant Pages
|
