June 29, 2006 at 11:29 am
I'm having a problem adding a push subscription to a transactional publication on SQL2005, Win 2003 server. I can't run the distribution agent as a user other than the user defined as the SQL Server Agent logon account.
Here is my general setup:
- SQLServer 2005 developer edition, with Windows Security (SQL Server security not enabled).
- Running SQL Server Agent using a workgroup user name SQLAgentExec, this user is only a member of the group SQLServer2005SQLAgentUser$GALILEO-TEST1$MSSSLSERVER.
- I've added a second Windows user that I wish to use to run as the distribution agent called ISIS_REPLICATION. This login is added to the SQL Server, and the user has been added to the distribution database and the publishing database, and made a db_owner for each. ISIS_REPLICATION is also a member of the PAL but is not in any Windows groups.
- I'm making all changes via replication stored procedures through SQL Management Studio, while logged onto Windows as an administrator (user name GALILEO-TEST1\Bachmann).
- Replicating to a Windows XP machine running SQLExpress.
I've found that I can add the subscription and replicate to the client with no problem provided I permit the distribution agent to run under the context of the SQL Server Agent (user SQLAgentExec). I do this by using the two stored procedures sp_addsubscription and sp_addpushsubscription_agent.
I don't specify @job_login or @job_password, meaning the distribution agent is run under the context of SQLAgentExec. Here are those scripts:
============
exec sp_addsubscription
@publication = N'ISISRegister',
@subscriber = N'ral-chabac-wb\sqlexpress',
@destination_db = N'ISIS',
@subscription_type = N'Push',
@sync_type = N'automatic',
@article = N'all',
@update_mode = N'read only',
@subscriber_type = 0
exec sp_addpushsubscription_agent
@publication = N'ISISRegister',
@subscriber = N'ral-chabac-wb\sqlexpress',
@subscriber_db = N'ISIS',
@job_login = null,
@job_password = null,
@subscriber_security_mode = 1,
@frequency_type = 64,
@frequency_interval = 0,
@frequency_relative_interval = 0,
@frequency_recurrence_factor = 0,
@frequency_subday = 0,
@frequency_subday_interval = 0,
@active_start_time_of_day = 0,
@active_end_time_of_day = 235959,
@active_start_date = 20060627,
@active_end_date = 99991231,
@enabled_for_syncmgr = N'False',
@dts_package_location = N'Distributor'
GO
===============
But of course this is not a best practice. When I try to setup the subscription using the @job_login and @job_password set to the login of ISIS_REPLICATION, the process doesn't work. Here are those scripts:
===============
use [ISIS]
exec sp_addsubscription
@publication = N'ISISRegister',
@subscriber = N'ral-chabac-wb\sqlexpress',
@destination_db = N'ISIS',
@subscription_type = N'Push',
@sync_type = N'automatic',
@article = N'all',
@update_mode = N'read only',
@subscriber_type = 0
exec sp_addpushsubscription_agent
@publication = N'ISISRegister',
@subscriber = N'ral-chabac-wb\sqlexpress',
@subscriber_db = N'ISIS',
@job_login = N'galileo-test1\ISIS_REPLICATION',
@job_password = N'rep',
@subscriber_security_mode = 1,
@frequency_type = 64,
@frequency_interval = 0,
@frequency_relative_interval = 0,
@frequency_recurrence_factor = 0,
@frequency_subday = 0,
@frequency_subday_interval = 0,
@active_start_time_of_day = 0,
@active_end_time_of_day = 235959,
@active_start_date = 20060620,
@active_end_date = 99991231,
@enabled_for_syncmgr = N'False',
@dts_package_location = N'Distributor'
GO
===============
When I run them, I get this set of messages:
===============
Job 'GALILEO-TEST1-ISIS-ISISRegister-RAL-CHABAC-WB\SQLEXPR-8' started successfully.
Warning: The distribution agent job has been implicitly created and will run under the SQL Server Agent Service Account.
'GALILEO-TEST1\bachmann' is a member of sysadmin server role and cannot be granted to or revoked from the proxy. Members of sysadmin server role are allowed to use any proxy.
Job 'GALILEO-TEST1-ISIS-ISISRegister-RAL-CHABAC-WB\SQLEXPR-8' started successfully.
===============
When I view the job activity monitor, I see that the GALILEO-TEST1-ISIS-ISISRegister-RAL-CHABAC-WB\SQLEXPR-8 is failing on step 2 (and step 3), step 2 is which is the step to start the distribution exe. I see this error msg for step 2:
===============
Message
Unable to start execution of step 2 (reason: Error authenticating proxy galileo-test1\ISIS_REPLICATION, system error: Logon failure: unknown user name or bad password.). The step failed.
===============
I orginally believed this was a permissions problem gaining access to the SQL Server, but now I suspect that the user SQLAgentExec can't launch a process under the context of ISIS_REPLICATION. I think this because I can run distrib.exe using the credentials of ISIS_REPLICATION and the distribution runs without a problem. I do this via runas.exe to start cmd, from the cmd window, I browse to the directory containing distrib.exe, and then launch it using the cmd line options specified in step 2.
Again, I suspect the problem is that the SQL Server Agent can't impersonate ISIS_REPLICATION, but I don't know how to absolutely proved this or fix it. Does anyone have an idea of what might be the issue/remedy?
Viewing post 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply
This website stores cookies on your computer.
These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media.
To find out more about the cookies we use, see our Privacy Policy