July 9, 2009 at 3:33 pm
Hello
I have googled this topic and have found some items, however those items all point to a stand alone installation of SQL Server. So...
I have a Windows 64bit 2003 R2 Cluster with three nodes; active-passive configuration. It was requested to change the SQL Server Service Account to a new domain account that had less authority than the current account. The new account was tested on a stand alone non 64bit Windows 2003 and works fine. I do have the new account as the service account for two full SQL Instances running on the cluster. The account was used to install those instances, so that also tells me that the new account is working properly. Now here's the real twist; on my existing instances I have been able to change to the new service account for some services but not for others. The ones that don't give me the WMI Error of Access Denied. The new service account has been added to the Security on each instance. I am running SSIS, SSRS, SSAS and the rest of the normal SQL services.
Any ideas at this point would be helpful, if no one has any thing right off then I will call big brother.
John
July 13, 2009 at 7:20 am
Can you detail what permissions you gave the service account (and it'll have the be the same on each physical node of the cluster) and what services failed when you tried to change the service account? Also, was your Windows user account a power user or administrator on each physical node?
K. Brian Kelley
@kbriankelley
July 13, 2009 at 9:30 am
The new service account was setup on all nodes and give full local administrative access. The account also has limited domain admin access as well.
Reporting, Analysis, SQL Agent, it depended on the cluster instance. I will try to get more information and specifics sometime today.
Thanks
July 13, 2009 at 9:38 am
Did the account you were using have administrative rights on all nodes?
K. Brian Kelley
@kbriankelley
July 13, 2009 at 4:13 pm
Yes the account I want to use has admin rights on all nodes.
July 15, 2009 at 1:52 pm
Not the account you want to use, but the account you are logged on as. You are performing an operation that requires as least Power User rights on all the nodes. Therefore, the account you logged on as must have those permissions in order to make the change.
K. Brian Kelley
@kbriankelley
July 15, 2009 at 2:24 pm
That is the account that I am logged in with. It has local admin rights to all the nodes plus it has limited domain admin rights.
Not sure if this is related, but we did have one instance that was not on the same service pack for sql. As of now, all sql instances are on the same service pack and I have not tested since the one instance was updated to same service pack.
Viewing 7 posts - 1 through 6 (of 6 total)
You must be logged in to reply to this topic. Login to reply