December 28, 2007 at 4:15 am
I tried to start SQL Server Active Directory Helper on
- A Win 2003 Server that is a Primary Domain Controller (Virtual Machine)
- A Win XP SP2 (virtual) machine that is joined to the active directory.
An error was displayed referring to the following 'service-specific error code': -1073741724.
Any idea what this means?
December 24, 2008 at 12:41 am
Even I am having the same problem.
January 8, 2009 at 5:02 am
i m also having a same problem
what is the solution
January 8, 2009 at 5:48 am
The Active Directory Helper won't start manually. By default the service is Disabled. The SQL Server Database Engine handles the use of this service.
It publishes SQL Server information in Active Directory. If you don't need to publish SQL Server information in your Active Directory domain, then set the service to Disabled. If you do, set it to Manual and let SQL Server manage it.
The SQL Server installation sets the user account to NT AUTHORITY\NETWORK SERVICE. This will pass the computer name as the credential to Active Directory. Another often used user account is NT AUTHORITY\LOCAL SYSTEM. Following the principal of least privilege, it is best to create a new service account dedicated to the Active Directory Helper service. Domain Users is the only group membership it needs. If you use Group Policy to configure the Log On As A Service privilege then you will need to add this service account to your GPO. If this doesn't apply, then simply setting the user in Services will grant the privilege on your behalf.
--
Andrew Hatfield
January 9, 2009 at 7:20 am
Andrew,
Can you explain what reasons would be good reasons to choose to publish SQL Server info to AD? I'm relatively new to the administrative pieces of SQL Server, and would like some background on this topic ... It also would be useful for me to know how the answer to the above question applies in a home network scenario, and specifically where one has a website that has financial data on said SQL Server, where I'd be restricting access to specific authenticated users. Could such publication be more of a risk than a helpful thing?
Steve
(aka smunson)
:):):)
Steve (aka sgmunson) 🙂 🙂 🙂
Rent Servers for Income (picks and shovels strategy)
January 9, 2009 at 8:28 am
smunson (1/9/2009)
Andrew,Can you explain what reasons would be good reasons to choose to publish SQL Server info to AD? I'm relatively new to the administrative pieces of SQL Server, and would like some background on this topic ... It also would be useful for me to know how the answer to the above question applies in a home network scenario, and specifically where one has a website that has financial data on said SQL Server, where I'd be restricting access to specific authenticated users. Could such publication be more of a risk than a helpful thing?
Steve
(aka smunson)
:):):)
I see your point, perhaps a useful scenario (lacking background knowledge on SQL Server) would be that I might need to retrieve personal information of employees into the Active Directory Domain, using procedural scripts. Assuming this can be done it would be helpful in this case.
January 9, 2009 at 5:09 pm
Publishing SQL Server information to Active Directory is only of any use if you have client applications that query Active Directory for such information.
When you publish SQL Server to AD, it publishes the SQL Instance and databases. One way that I could see this being useful is that you wouldn't need to configure your application connection settings. It can query LDAP://RootDSE to get your local domain information and then ask AD to give it a list of SQL Instances and databases.
I haven't yet seen an application that takes advantage of this feature. I would imagine that SQL Server creates an Application Partition within your Active Directory schema similar to DNS.
There is some further information here
http://www.sqlmag.com/Article/ArticleID/41841/41841.html
http://msdn.microsoft.com/en-us/library/aa174517(SQL.80).aspx
--
Andrew Hatfield
January 9, 2009 at 5:14 pm
smunson (1/9/2009)
It also would be useful for me to know how the answer to the above question applies in a home network scenario, and specifically where one has a website that has financial data on said SQL Server, where I'd be restricting access to specific authenticated users. Could such publication be more of a risk than a helpful thing?Steve
(aka smunson)
:):):)
I can't see that it would add any value in your situation. Horse for courses though
--
Andrew Hatfield
Viewing 8 posts - 1 through 7 (of 7 total)
You must be logged in to reply to this topic. Login to reply