 | |
Unable to start agent
microsoft.public.sqlserver.server microsoft.public.sqlserver.server
 |
| | Thread Tools | Display Modes |
#31
 
| ||||||
| ||||||
|
Re: I experienced exactly the same problem in my organisation. -
09-12-2011
, 09:12 AM
|
On Friday, January 25, 2008 2:37 PM JasonBlai wrote: I am having an issue where I cannot start the sql agent service using a domain user account. When using SQL configuration manager to change the service account logon to a domain user account, i receive WMI Provider error, processes terminated unexpectedly error 0x8007042B It does seem to change the service logon as account to the domain user account though. Afterwards, if I try to start the service using computer management, i get: The SQL Server Agent service on local computer started and then stopped. Some services stop automatically if they have no work to do, for example, the performance logs and alerts service. I don't see anything in the event log. When I check the SQL Agent log, it states: 2008-01-25 16:52:12 - ! [241] Startup error: Unable to initialize error reporting system (reason: The EventLog service has not been started) 2008-01-25 16:52:12 - ? [098] SQLServerAgent terminated (normally) The service will run as localsystem. The service will also start if I add the domain user account to the local administrators group but I do not want to do this for security reasons. The domain user account I am trying to use has been granted: Act as part of the operating system Adjust memory quotas for a process Bypass traverse checking Log on as a batch job Log on as a service Replace a process level token I have verified this by doing an RSOP. It is the same policy and user account that is functioning normally on other SQL Servers. Any help would be appreciated. TIA, |
Quote:
|
On Saturday, January 26, 2008 6:25 AM John Bell wrote: Hi Jason Did you check out http://blogs.msdn.com/stuartpa/archi...12/480223.aspx John |
Quote:
|
On Monday, January 28, 2008 9:35 AM JasonBlai wrote: Thanks for the response John. I have checked out that blog. I have restarted the server with no luck. Also, it seems the blog is referring to the sql server service and not the agent service. Additionally, I can change the account and have it work if the domain user I am changing the service to run as is in the local administrators group. -Jason Blair "John Bell" wrote: |
Quote:
|
On Monday, January 28, 2008 11:35 PM St wrote: I experienced exactly the same problem in my organisation. This was because the account that the SQL Agent was starting as did not have the rights to query the status of the event log service which is turn was due to a restrictive group policy locking down this right. On the server, at the command line run rsop.msc to see what group policies are applying to the server. Go to Computer Configuration\Windows Settings\Security Settings\System Services\Event Log and view the security. You will probably see that this is locked down. The Account that SQL Agent is running as needs "Read" and "Stop, start, pause" rights to the Event Log service. A default server build with no group policy applied is less restrictive and therefor you can usually start the Agent under a domain account. Our AD/Server team had tightened down the security on services. To solve this, we created a new OU with a slightly different group policy. This policy allowed the "Authenticated Users" group the "Read" and "Stop, start, pause" rights on the Event Log service. We then moved all SQL Servers into that OU. The SQL Agent Service now starts as a domain account without any problems. (if you do this, make sure you wait long enough for the new policy to take effect or run gpupdate) "Jason Blair" wrote: |
Quote:
|
On Tuesday, January 29, 2008 10:55 AM JasonBlai wrote: Thanks Stu, I ran an RSOP and it appears that the AD team has applied a GPO that tightens the security for the event log service. I was able to reproduce the error in my lab. Thanks again. I really appreciate your help! -Jason Blair "Stu" wrote: |
Quote:
|
On Monday, September 12, 2011 10:02 AM ejac wrote: Hello Sir... I'm new to SQL Server as well as the windows XP... Can you demonstrate how am I going to do this "A default server build with no group policy applied is less restrictive and therefor you can usually start the Agent under a domain account. Our AD/Server team had tightened down the security on services. To solve this, we created a new OU with a slightly different group policy. This policy allowed the "Authenticated Users" group the "Read" and "Stop, start, pause" rights on the Event Log service. We then moved all SQL Servers into that OU. The SQL Agent Service now starts as a domain account without any problems. (if you do this, make sure you wait long enough for the new policy to take effect or run gpupdate)" Really needed it... Thanks!  |
|
« Previous Thread
|
Next Thread »
| Thread Tools | |
| Display Modes | |
Linear Mode
| |
Powered by vBulletin Version 3.5.3
Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.