Re: run services as domain account

Tech-Archive recommends: Fix windows errors by optimizing your registry

Where do you change the logon as a service right after the fact? are you
talking about for every user that uses windows authentication?

Currently I have MSSQLSERVER and SQLSERVERAGENT running in services and it's
set to Log On As domain\sqlaccount. That's working. People just can't get in
using windows authentication.



"Ekrem Önsoy" wrote:

- You should give those SQL Server accounts Log on as a service right (this
is given automatically when you perform this via Services MMC). Of course
the recommended method is changing accounts via SQL Server Configuration
Manager.
- After changing accounts, you should restart SQL Server services
- Be sure that you setup those accounts "Never Expires"

--
Ekrem Önsoy
MCBDA, MCTS: SQL Server 2005, MCSD.Net, MCSE, MCT



"jason7655" <jason7655@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:29BD7EB1-27BB-4DA5-93EF-EABD13204249@xxxxxxxxxxxxxxxx
This may sound like a networking issue, but I don't believe it is.

We changed the domain on the box that our SQL Server 2000 runs. At the
time,
we didn't know that you should do this through the Services MMC. We have
since
learned that you should do it through Enterprise Manager. I have seen the
article from Microsoft about going through and making sure the registry
and
other items have proper permissions for those accounts. We went to
Enterprise Manager and put back in the the domain account for both
services,
so that
it would make the necessary changes.

Here's the problem. If if the server and agent are running under a local
service account, then users can connect through enterprise manager using
their
windows account. The accounts are setup and they work. If you change the
server and agent to run under the domain account, then they cannot login
with
their
windows information. That domain account is configured in SQL Server
logins
as well as in windows. We ge the "Login failed for user '(null)'.Reason:
Not
associated
with a trusted SQL Server connection. Change the services to run as local
account, that goes away. Problem is that agent jobs fail because of that.

We want to run it as a domain account, so I guess I need to ask does
anyone
have any idea why it's doing that?

.

Relevant Pages

  • Re: VS2005: SQL Debugging "T-SQL execution ended without debugging. You may not have sufficient
    ... > account also must be a member of the sysadmin role in the target SQL ... and the Windows firewall is disabled on both client & server. ... to the remote SQL Server 2005. ... But I'm still getting the "T-SQL execution ended without debugging. ...
    (microsoft.public.vsnet.debugging)
  • Re: Problems changing the password for the service account in SQL
    ... Adding the domain account which runs SQL Server into SQL Server doesn't ... Server if it is running under the domain account. ... Admin-SQL, Logon Exec - exception from ...
    (microsoft.public.sqlserver.security)
  • Re: Utter madness!
    ... It is just Windows security stuff. ... You can get a trusted connection back to SQL server. ... ASP.NET account (either processModel or app pool identity depending on ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Passthrough authenication w/ SQL trusted connection
    ... separate connection will be used for each security context (each user ... account will have it's own pool). ... if you are using a Windows 2000 Domain, ... backend SQL Server. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Search services not available
    ... Let me clarify that our SQL server uses Windows Authentication, ... account, even if it was just for now to get it working, that would be easier ... I have configured the Search service to use this ...
    (microsoft.public.sharepoint.windowsservices)