SQL Server service account locked

  • Hello,

    We had a case where in the domain account which is running SQL server got locked.

    Database connectivity through management studio and applciations worked fine.

    Report services showed the reports how ever the connectivity failed saying account locked.

    Did any one faced these kind of issue before.

    I need to identify this issue and alert, if it possible.

    second i need to find how many jobs not started on that particular day, if there is an issue as an alert.

    Are the above possible if i need to check some thing more please share your suggestions.

    our server team havent identified the root cause yet. any suggestion where i can start with.

    Regards
    Durai Nagarajan

  • Hello Frnd......

    you can unlocked user:

    Login with administrator--> open a local user and group manager .

    In the right pane under the Name column, double click on the locked out user account.

    Uncheck the Account is locked out box, and click on OK.

    you can check in event log why this account was locked.

    Rajesh Singh

    DBA(HCL Comnet)

    +919560888360

    Rajesh Singh
    DBA(HCL Comnet)
    +91-0560888360

  • Hello,

    Forgot to mention we (our team) dont have access to do that.

    is there a way to indentify the state and alert.

    Regards
    Durai Nagarajan

  • any suggestions?

    Regards
    Durai Nagarajan

  • Speak to your AD team, ask them to set the account to not allow interactive logins (users should not be using the service account) and ask them if they can put any alerts or notifications to let them or you know if the account does become locked. If it does, you should investigate who or what is entering a bad password and resolve the source of the problem.

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass
  • thanks gail

    hope i understand that we cant do through sql.

    Regards
    Durai Nagarajan

  • No, you can't access the Active Directory list of logins and users via T-SQL.

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass
  • thanks again gail.

    Regards
    Durai Nagarajan

  • On a SQL Server, you can hunt down your event logs (may be security logs) and search for SQL Server service account and find some information related to it as when and who locked it. It does have a MAJOR IMPACT if SQL Servers that run under this locked account have rebooted. Server (OS) will start but SQL WILL NOT START.

    So check your event logs and check with your AD Team as well as Gail suggested. Also, her suggestion regarding diabling interactive login of service account is very valid. It is very important.

    Thanks,

    Vikas

  • LDAP queries?

  • hope this is querying AD.

    we dont have access.

    Regards
    Durai Nagarajan

Viewing 11 posts - 1 through 10 (of 10 total)

You must be logged in to reply to this topic. Login to reply