Re: SQL Services account question...

Joe,

The best thing is to do is to run your SQL Server under a domain account,
not a local account.

Or, to quote Ekrem, "using a domain account as a SQL Server service account
is a recommended way." (Actually, Ekrem probably meant "the recommended
way.")

RLF


"Joe" <Joe@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:130C7954-0197-4711-883C-D9A73A2733F3@xxxxxxxxxxxxxxxx
Thank you for restating the obvious.

My real question is how should I best address this?

"Ekrem Önsoy" wrote:

A SQL Server server which is part of a domain and its service is not a
domain account. Why not? Because using a domain account as a SQL Server
service account is a recommended way.

My guess is, you get the error because SQL Server service can't
communicate
with your AD server as it's a local service.

--
Ekrem Önsoy



"Joe" <Joe@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:D75D7153-C26E-43A3-96BB-59C533F4031A@xxxxxxxxxxxxxxxx
OK, here's my problem.

I have a SQL 2005 Server that is part of a domain. The SQL services
start
with a
local account and not a domain account. The issue I am seeing is that
when
I go
to backup a database that is owned by a Domain account the querying of
AD
for the
account information fails. Error below:

[298] SQLServer Error: 15404, Could not obtain information about
Windows
NT
group/user

Then in the Security event log I get an error at the same time that
states:

An error occurred during logon
Source: Security Event ID: 537

So the question is, how can I get this to work correctly? Should I
just
change the owner of the database?

Any thoughts would be appreciated.



.

Relevant Pages

  • Re: SQL Services account question...
    ... The best thing is to do is to run your SQL Server under a domain account, ... Or, to quote Ekrem, "using a domain account as a SQL Server service account is a recommended way." ...
    (microsoft.public.sqlserver.security)
  • Re: Running SQL Server Service as Domain User? - Security Concerns?
    ... make your domain account a member of the local administrators group. ... instructions on what rights on the database server the SQL Server and SQL ... > domain user called "sqlserveruser": ... the user the SQL Server service runs as has to have ...
    (microsoft.public.sqlserver.security)
  • Re: Linked Server Connection Problem
    ... Use SQL authentication to connect to the SQL server from the client, ... set the domain account used to start SQL Server to have permissions in the ... Establish a SPN for your domain account which will enable Kerberos ... Load the Active Directory Users and Computers MMC snap-in. ...
    (microsoft.public.sqlserver.connect)
  • Re: SQL Services account question...
    ... I wish you'd say the reason of not using a domain account as a service account for the SQL Server. ... Backup operations are performed by SQL Server service, at this point I don't know what goes on under hood exactly but SQL Server service may be needed to communicate to the AD for validation of the database owner and as the SQL Server service is a local one, it can't achieve this task. ... > Source: Security Event ID: 537 ...
    (microsoft.public.sqlserver.security)
  • Re: Login failed for user NT AUTHORITYANONYMOUS LOGON
    ... >>I've enabled anonymous access, setting it to the correct domain account, ... >> the correct permissions in sql server ... > That means the local user permissions, the SQL Server, etc. ... >> c) I've enabled anonymous access, setting it to the correct domain account, ...
    (microsoft.public.dotnet.framework.aspnet)