Re: Backup Exec service fails on startup
- From: "Steve Duff [MVP]" <ergodic@xxxxxxxxxxxxxxxxxxx>
- Date: Wed, 13 Jul 2005 21:19:20 -0700
I suppose the place to start is with the local security policy and/or the domain controller security policy and check for enabled
password GP settings in the associated GPOs.
You can also check gpresult to see what policies are actually showing up as being applied. If you can login as this username you can
check the HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies key in the registry to see the actual policy set that
shows up there, and you may be able to backtrack from that.
The other option is to try an explicit deny ACE on all the GPOs for this account.to see if that prevents the policy from taking
effect. Another approach is to turn on security auditing for everything and see what shows up in the security log. (This is easier
to deal with in 2003 Server with the new 'merged' group policy management console.)
Even though you say this is just on one server, it is usually a good idea to make sure the service account is in a separate AD
container that isn't getting all the various domain user GPOs you may be using.
If you still can't find this, you might repost to the smart folks who hang on .active_directory.
Steve Duff, MCSE, MVP
Ergodic Systems, Inc.
"APT SA" <APTSA@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:3E8FF5C5-BAED-4832-B8B9-DB8A14286C33@xxxxxxxxxxxxxxxx
> You were right. I run secedit and I can't restart the service till I reset
> the password in the service control aplet. Now I can restart the service
> without running secedit.
>
> So any suggestion on where to go from here? It must be a local policy
> because I don't have this issue on other servers.
>
> "Steve Duff [MVP]" wrote:
>
>> Your post isn't clear, but understand that the "account wizard" in Backup Exec doesn't actually create the accounts, but it does
>> insure that the account you name has the necessary rights.
>>
>> You can always use service manager to set credentials for the services manually. If service credentials are changing after a
>> reboot
>> you indeed have a serious problem - I've not encountered this before, but I'd suspect you might have a password group policy that
>> is
>> being inappropriately applied - you can use secedit / gpupdate and then try a service restart to test this theory.
>>
>> Steve Duff, MCSE, MVP
>> Ergodic Systems, Inc.
>>
>> "APT SA" <APTSA@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:F3AED73A-D3F2-4E57-B4B7-2A926266B367@xxxxxxxxxxxxxxxx
>> > Everytime this box reboots the BE services fail due to login failure. The
>> > services will not start until I manually reset password. The BE services are
>> > the only ones the require a user account other than the system account. I
>> > have tried upgrading to a newer version of BE--same problem, I have tried a
>> > different login account--same problem, I created a new login account--same
>> > problem. I am pretty sure it has the correct access rights. I am begining
>> > to suspect there is some problem with the OS. This box used to be an NT 4
>> > BDC. Last year reinstalled the OS on the C partition to Win2k sp4. We went
>> > through a migration to AD and I ran the admt on this box. Then I ran DCPROMO
>> > on it. ADMT never did clean up the sid history very well. So I think it has
>> > something to do with this because it has been an on going problem. If
>> > anyone has a sugestion Please Help!
>> >
>> >
>>
>>
>>
.
- References:
- Backup Exec service fails on startup
- From: APT SA
- Re: Backup Exec service fails on startup
- From: Steve Duff [MVP]
- Re: Backup Exec service fails on startup
- From: APT SA
- Backup Exec service fails on startup
- Prev by Date: Event ID 1126
- Next by Date: Scheduled tasks not working in windows 2003
- Previous by thread: Re: Backup Exec service fails on startup
- Next by thread: Windows Update and Internet Explorer (Urgent)
- Index(es):
Relevant Pages
|
