Sql Server 2005 Clustering

SQLServerCentral is supported by Red Gate Software Ltd.

Popular Topics

Home

Members

Calendar

Who's On

Home » SQL Server 2005 » Administering » Sql Server 2005 Clustering

Sql Server 2005 Clustering

Rate Topic

Display Mode

Topic Options

Author

Message

chinn

Posted Tuesday, October 09, 2007 5:17 AM

SSC-Enthusiastic

Group: General Forum Members
Last Login: Thursday, May 16, 2013 9:32 AM
Points: 127, Visits: 490

Hi Everybody,

We have a cluster service accout used to create a Windows cluster and also the service account runs on this account and it's a local admin on the box.

I installed sql server cluster and all the sql service accounts use a different account after installing sql i removed built in admins and now i am testing failover sql server is not coming up and saying login failed for 'cluster service account' and i am not sure why it's using that account.

Please let me know if the cluster service account should have acces to sql server ...if so why.

Thanks in Advance.
Chinn

Post #408390

colin.Leversuch-Roberts

Posted Tuesday, October 09, 2007 5:56 AM

SSCrazy

Group: General Forum Members
Last Login: Thursday, May 16, 2013 2:10 PM
Points: 2,668, Visits: 688

you have to be careful removing builtin admins ona cluster - there's some KB articles about this try KB 263712

The GrumpyOldDBA
www.grumpyolddba.co.uk
http://sqlblogcasts.com/blogs/grumpyolddba/

Post #408401

Sopheap Suy

Posted Tuesday, October 09, 2007 8:53 AM

Ten Centuries

Group: General Forum Members
Last Login: Wednesday, January 23, 2013 9:22 AM
Points: 1,062, Visits: 355

If you remove builtin admin, it won't work. Cluster is one of the beast that won't function well. I would say that it is one of the exception that is different then regular install.

sopheap

Post #408525

fhanlon

Posted Tuesday, October 09, 2007 9:08 AM

SSCrazy

Group: General Forum Members
Last Login: Today @ 7:39 AM
Points: 2,100, Visits: 1,791

I have removed the builtin account on my clusters and it works. The cluster account must be made sysadmin as is the account the runs SQL and SQL Agent

Francis

Post #408534

chinn

Posted Tuesday, October 09, 2007 9:17 AM

SSC-Enthusiastic

Group: General Forum Members
Last Login: Thursday, May 16, 2013 9:32 AM
Points: 127, Visits: 490

Thanks for the input guys...
That's what i did ..i added both cluster service account and the service account that runs sql server as sysadmin in sql server...

Thanks.

Post #408539

K. Brian Kelley

Posted Wednesday, October 10, 2007 6:36 PM

Keeper of the Duck

Group: Moderators
Last Login: 2 days ago @ 1:55 PM
Points: 6,584, Visits: 1,789

fhanlon (10/9/2007)

I have removed the builtin account on my clusters and it works. The cluster account must be made sysadmin as is the account the runs SQL and SQL Agent

The Microsoft guidance on this has changed. The cluster account must be able to login but it doesn't need to be a member of the sysadmin fixed server role:

How to impede Windows NT administrators from administering a clustered instance of SQL Server (SQL Server 7.0 and 2000)

Before Installing Failover Clustering (SQL Server 2005) - See section Configure Microsoft Cluster Service.

K. Brian Kelley, CISA, MCSE, Security+, MVP - SQL Server
Regular Columnist (Security), SQLServerCentral.com
Author of Introduction to SQL Server: Basic Skills for Any SQL Server User
| Professional Development blog | Technical Blog |

LinkedIn | Twitter

Post #409315

chinn

Posted Thursday, October 11, 2007 7:05 AM

SSC-Enthusiastic

Group: General Forum Members
Last Login: Thursday, May 16, 2013 9:32 AM
Points: 127, Visits: 490

Brian,

Does it mean just add a login with no permissions?

Thanks,

Post #409503

K. Brian Kelley

Posted Wednesday, October 17, 2007 1:28 PM

Keeper of the Duck

Group: Moderators
Last Login: 2 days ago @ 1:55 PM
Points: 6,584, Visits: 1,789

I believe so. One way to test is to create a login with no permissions and run SELECT @@SERVERNAME and see if it can execute it. It should be able to do so as any login should be placed in the public role automatically.

K. Brian Kelley, CISA, MCSE, Security+, MVP - SQL Server
Regular Columnist (Security), SQLServerCentral.com
Author of Introduction to SQL Server: Basic Skills for Any SQL Server User
| Professional Development blog | Technical Blog |

LinkedIn | Twitter

Post #411898

chinn

Posted Wednesday, October 17, 2007 2:14 PM

SSC-Enthusiastic

Group: General Forum Members
Last Login: Thursday, May 16, 2013 9:32 AM
Points: 127, Visits: 490

Thanks Very Much!

Post #411920

« Prev Topic | Next Topic »

Permissions