March 9, 2012 at 11:11 am
I have been having problem with configuring SQL Agent Service account for SQL Server 2005/2008 r2 instances.
I cannot get sql agent to start with the domain service account I created.
SQL Service will start but the agent will not. I have tried several things including following best practices for setup of Service accounts. If I add the service account to the local admin group the Agent starts but if I remove from Local Admin it does not start. Errors I see in SQL Logs are:
SQL SERVER AGENT LOG ERROR:
[241] Startup error: Unable to initialize error reporting system (reason: The EventLog service has not been started)
SQL SERVER LOG:
SQL Server blocked access to procedure 'dbo.sp_get_sqlagent_properties' of component 'Agent XPs' because this component is turned off as part of the security configuration for this server. A system administrator can enable the use of 'Agent XPs' by using sp_configure. For more information about enabling 'Agent XPs', see "Surface Area Configuration" in SQL Server Books Online.
If any one can assist plz do here is what I've done:
1. I installed SQLserver 2008 r2 on Windows server 2008 r2. in Domain based environment.
2. Enabled SQL Agent to autostart.
3. Created 1 domain user account to run the SQL DBService and SQLAgent.
4. assigned the following privileges to the domain account:
Yes Permission to log on as a service (SeServiceLogonRight)
Yes Permission to act as part of the operating system (SeTcbPrivilege) (only on Windows 2000)
Yes*(inherited by local user group) Permission to bypass traverse checking (SeChangeNotifyPrivilege)
Yes Permission to replace a process-level token (SeAssignPrimaryTokenPrivilege)
Yes Permission to adjust memory quotas for a process (SeIncreaseQuotaPrivilege)
Yes Permission to log on using the batch logon type (SeBatchLogonRight)
5. Created a SQL Login with Sysadmin role membership
6. Used SQL Config mgr to change SQLAgent login with to the domain account.
March 9, 2012 at 12:24 pm
Have you tried turning on the Windows Event Log service?
_________________________________
seth delconte
http://sqlkeys.com
March 10, 2012 at 12:31 am
Hi dskinner,
Please try the following,
1) Create one domain account on the Domain machine with administrative previllages for the login, if exist then good.
2) restart your mssql server machine and login with the domain account credential as login mentioned in step 1.
Login Infromation such as,
User name = Administrator
password = Passw0rd@123
Log on to = Domain server name
3) Once you log on the server, open the sql server configuration, go on SQL server Agent services > Properties > now change the service account.
may it will helpfull for you.
Regards,
________________________________________
M.I.
[font="Times New Roman"]
March 10, 2012 at 12:50 am
March 13, 2012 at 9:43 am
There is a specific group on windows server for sql server logins, that group has sysadmin right on the database therefore removes the need to create a login with sysadmin right.
Depending on the version you've installed and were its should be called something like
[ServerName]\SQLServer2005SQLAgentUser$[ServerName]$MSSQLSERVER
OR
NT SERVICE\SQLSERVERAGENT
Add the domain login to that group and it should work fine
March 14, 2012 at 4:29 am
You definitely do not need to give any of the SQL Server service accounts Windows local administrator privilege in order to run SQL Server.
The priviliges you have given the Agent account should normally be enough to run Agent, but if your site restricts access to services there are two gotchas you need to look at.
The SQL Agent account needs to have the Read privilege to the Event Log (Eventlog) service and Remote Procedure Call (RpcSs) services in order to start. If your site restricts access to these services it will have been done via a Group Policy Object (GPO). You will need to get the GPO changed in order to fix this problem.
In order to connect to SQL Server, the SQL Agent service account must be a SQL Sysadmin.
Original author: https://github.com/SQL-FineBuild/Common/wiki/ 1-click install and best practice configuration of SQL Server 2019, 2017 2016, 2014, 2012, 2008 R2, 2008 and 2005.
When I give food to the poor they call me a saint. When I ask why they are poor they call me a communist - Archbishop Hélder Câmara
April 9, 2012 at 11:23 am
Check the permissions on the directory where MSSQL is installed. I had the same problem. Since I added drives and moved log files to different directories this was the issue. If this is a cluster you must repeat this on all nodes and all directories the sqlagent needs access to..
Viewing 7 posts - 1 through 6 (of 6 total)
You must be logged in to reply to this topic. Login to reply