March 1, 2013 at 9:30 am
Setting up the multi-server administration failed for me because the MsxEncryptChannelOptions registry value on the server I am attempting to make the target is set to '2'. According to Microsoft and everyone else on the interwebz, changing it to '0' resolves this issue.
My question is what are the effects of changing the value to '0'? Seeing as this is a production server, making changes to the registry without knowing what else it will effect kinda makes me nervous.
What else uses this registry entry or is it exclusively used by the multi-server admin functions?
...
March 1, 2013 at 1:50 pm
April 5, 2013 at 4:47 am
I was really hesitant about modifying the registry as well, so I wrote a PowerShell Script to do it in a controlled and safe manner.
Safely Enable SQL Server Agent MultiServer Administration using PowerShell[/url]
Chrissy
Founder, dbatools.io
November 6, 2013 at 10:59 am
I'm creating scripts for deployment, so it was simpler to use xp_regwrite:
EXEC master..xp_regwrite
@rootkey='HKEY_LOCAL_MACHINE',
@key='SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\SQLServerAgent',
@value_name='MsxEncryptChannelOptions',
@type='REG_SZ',
@value='00000000'
-- 0 Disables encryption between this target server and the master server. her means.
-- 1 Enables encryption only between this target server and the master server, but no certificate validation is required.
-- 2 Default. Enables full SSL encryption and certificate validation between this target server and the master server.
January 21, 2014 at 3:16 pm
Probably worth noting that if you use the xp_regwrite version, you should go to your passive nodes in your clusters right away so you don't forget to update those as well. Otherwise upon failover, things will stop working.
Good post otherwise.
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply