I am hoping you can help me although this might be awindows issues. My system administrators are unable to resolve this so I am hoping someone may have dealt with this issue before.
I am running Windows Server 2012 with SQL Server 2014 SP2CU8 and all is well
We have configured a security audit within SQL Serverthat is set to
A: On Audit Log Failure – Shut down server
B: Audit Destination – Security Log
So in order for SQL Server to be able to write to theWindows Event – Security log we gave the account that runs the SQL ServerService full control to the “Security” folder in the registry HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Security.
Also the account we are using is a virtual serviceaccount generated by SQL server.
The problem is that every once in a while when rebootingthe sever The virtual service account NT SERVICE\MSSQL$instance is dropped fromthe “Security” folder permissions. Then of course when SQL server cannot write to the Security Log it shuts down theservice
Has anybody seen this issue before. I know that the system administrators are constantlyimplementing new security procedures via GPO and they are always installingWindows patches.
Any feedback is appreciated.