<a href="http://g.adspeed.net/ad.php?do=clk&zid=15220&wd=468&ht=60&pair=as" target="_blank"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=15220&wd=468&ht=60&pair=as" alt="i" width="468" height="60"/></a>
Log in
::
Register
::
Not logged in
Home
Tags
Articles
Editorials
Stairways
Forums
Scripts
Videos
Blogs
QotD
Books
Ask SSC
SQL Jobs
Training
Authors
About us
Contact us
Newsletters
Write for us
<a href="http://g.adspeed.net/ad.php?do=clk&zid=15491&wd=120&ht=300&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=15491&wd=120&ht=300&pair=as" alt="i" width="120" height="300"/></a>
Recent Posts
Recent Posts
Popular Topics
Popular Topics
Home
Search
Members
Calendar
Who's On
Home
»
SQL Server 2005
»
Administering
»
Unable to start SQL agent with domain account...
18 posts, Page 1 of 2
1
2
»»
Unable to start SQL agent with domain account
Rate Topic
Display Mode
Topic Options
Author
Message
mjwlufc
mjwlufc
Posted Monday, November 26, 2012 1:29 AM
SSC Rookie
Group: General Forum Members
Last Login: Tuesday, January 29, 2013 4:07 AM
Points: 26,
Visits: 43
Hi,
I've recently changed our SQL services to run under domain account instead of the local account they used to use. Since doing this i'm unable to start the agent. I got the follwing error in event viewer
SQLServerAgent could not be started (reason: SQLServerAgent must be able to connect to SQLServer as SysAdmin, but '(Unknown)' is not a member of the SysAdmin role).
The account we are trying to start the agent with is both a local admin and has sysadmin role.
One thing i find strange is that when we connect to the instance using the service account and sql managent i can't see the properties of the agent as it's greyed out when i right click on it.
Any ideas on this - i've tried going back and running the agent as local but thet now returns the same error !
Thanks in advance,
Mike.
Post #1388463
learning_sql
learning_sql
Posted Monday, November 26, 2012 2:26 AM
SSC Rookie
Group: General Forum Members
Last Login: Thursday, April 04, 2013 5:23 AM
Points: 35,
Visits: 127
mike.whorley (11/26/2012)
Hi,
I've recently changed our SQL services to run under domain account instead of the local account they used to use. Since doing this i'm unable to start the agent. I got the follwing error in event viewer
SQLServerAgent could not be started (reason: SQLServerAgent must be able to connect to SQLServer as SysAdmin, but '(Unknown)' is not a member of the SysAdmin role).
The account we are trying to start the agent with is both a local admin and has sysadmin role.
One thing i find strange is that when we connect to the instance using the service account and sql managent i can't see the properties of the agent as it's greyed out when i right click on it.
Any ideas on this - i've tried going back and running the agent as local but thet now returns the same error !
Thanks in advance,
Mike.
Does the domain account have "permission to logon as a service" rights on the server?
Post #1388476
John Mitchell-245523
John Mitchell-245523
Posted Monday, November 26, 2012 2:40 AM
SSCarpal Tunnel
Group: General Forum Members
Last Login: Yesterday @ 2:18 PM
Points: 4,434,
Visits: 7,219
Mike
It sounds as if you didn't use SQL Server Configuration Manager to make the change. Maybe you used the Services applet instead? Try using SQL Server Configuration Manager to change to Local System or something like that, then change back to your domain account.
John
Post #1388481
mjwlufc
mjwlufc
Posted Monday, November 26, 2012 6:51 AM
SSC Rookie
Group: General Forum Members
Last Login: Tuesday, January 29, 2013 4:07 AM
Points: 26,
Visits: 43
learning_sql (11/26/2012)
Does the domain account have "permission to logon as a service" rights on the server?
Yes it does - just double checked it in user rights assignment in local policies on the server.
Post #1388590
mjwlufc
mjwlufc
Posted Monday, November 26, 2012 6:58 AM
SSC Rookie
Group: General Forum Members
Last Login: Tuesday, January 29, 2013 4:07 AM
Points: 26,
Visits: 43
John Mitchell-245523 (11/26/2012)
Mike
It sounds as if you didn't use SQL Server Configuration Manager to make the change. Maybe you used the Services applet instead? Try using SQL Server Configuration Manager to change to Local System or something like that, then change back to your domain account.
John
Thanks John - i didn't use the config manager, however I've tried your suggestions but sadly just the same, local user or domain user return exactly the same error as previous.
Post #1388596
John Mitchell-245523
John Mitchell-245523
Posted Monday, November 26, 2012 7:01 AM
SSCarpal Tunnel
Group: General Forum Members
Last Login: Yesterday @ 2:18 PM
Points: 4,434,
Visits: 7,219
Sounds like you might have to do it manually, then. Try creating a login for your domain account and adding it to sysadmin. Then use SQL Server Configuration Manager to change the service to start under that account.
John
Post #1388599
mjwlufc
mjwlufc
Posted Monday, November 26, 2012 7:14 AM
SSC Rookie
Group: General Forum Members
Last Login: Tuesday, January 29, 2013 4:07 AM
Points: 26,
Visits: 43
Sorry John i'm not quite sure what you are saying there ?
The service account does have a login to the instance already with sysadmin role.
Post #1388611
John Mitchell-245523
John Mitchell-245523
Posted Monday, November 26, 2012 7:18 AM
SSCarpal Tunnel
Group: General Forum Members
Last Login: Yesterday @ 2:18 PM
Points: 4,434,
Visits: 7,219
Ah yes, so it does. I'm running out of ideas now. How about creating a named local Windows account and seeing if you can start SQL Server Agent as that?
John
Post #1388613
learning_sql
learning_sql
Posted Monday, November 26, 2012 7:21 AM
SSC Rookie
Group: General Forum Members
Last Login: Thursday, April 04, 2013 5:23 AM
Points: 35,
Visits: 127
Is the domain service account a member of the local group "SQLserveragentusers$SERVERNAME$INSTANCE" or similar
EDIT - this maybe useful but we may have covered it:http://www.mssqltips.com/sqlservertip/2317/running-sql-server-agent-with-a-least-privilege-service-account/
Post #1388618
mjwlufc
mjwlufc
Posted Monday, November 26, 2012 8:12 AM
SSC Rookie
Group: General Forum Members
Last Login: Tuesday, January 29, 2013 4:07 AM
Points: 26,
Visits: 43
John Mitchell-245523 (11/26/2012)
Ah yes, so it does. I'm running out of ideas now. How about creating a named local Windows account and seeing if you can start SQL Server Agent as that?
John
Created a new account and just made it a member for the SQLAGENT group as detailed above but still no joy.
My hunch is something in group policy is revoking the privs we are giving the domain account on this server.
Post #1388646
« Prev Topic
|
Next Topic »
18 posts, Page 1 of 2
1
2
»»
Permissions
You
cannot
post new topics.
You
cannot
post topic replies.
You
cannot
post new polls.
You
cannot
post replies to polls.
You
cannot
edit your own topics.
You
cannot
delete your own topics.
You
cannot
edit other topics.
You
cannot
delete other topics.
You
cannot
edit your own posts.
You
cannot
edit other posts.
You
cannot
delete your own posts.
You
cannot
delete other posts.
You
cannot
post events.
You
cannot
edit your own events.
You
cannot
edit other events.
You
cannot
delete your own events.
You
cannot
delete other events.
You
cannot
send private messages.
You
cannot
send emails.
You
may
read topics.
You
cannot
rate topics.
You
cannot
vote within polls.
You
cannot
upload attachments.
You
may
download attachments.
You
cannot
post HTML code.
You
cannot
edit HTML code.
You
cannot
post IFCode.
You
cannot
post JavaScript.
You
cannot
post EmotIcons.
You
cannot
post or upload images.
Copyright © 2002-2013 Simple Talk Publishing. All Rights Reserved.
Privacy Policy.
Terms of Use.
Report Abuse.
