February 24, 2021 at 9:57 pm
Our network team recently updated our GPO and since that time, we are having an issue with a transactional replication.
The symptom is that the Snapshot Agent fails to start with an error that "A required privilege is not held by the client."
Our SQL Server Agent is running as an windows account; one suggested fix that I found was to change the SQL Agent to run as Local System, restart it, set it back to the windows account, restart again; however this does not resolve the problem in our case. And we prefer not to run the service as Local System due to issues connecting to network locations for various jobs that run on the server.
The windows account that runs the service is a server admin, sysadmin, and network admin - so I am not sure what privilege it is missing. Was wondering if anyone here might know the specifics. We're trying to reverse whatever specific setting was changed in the GPO but so far haven't been able to find it.
We may end up just running the service as Local System; it will cause other problems but at least they're more straightforward problems...
February 25, 2021 at 4:01 pm
Make the service account a sysadmin, and see what happens.
This article describes what permissions are required.
Michael L John
If you assassinate a DBA, would you pull a trigger?
To properly post on a forum:
http://www.sqlservercentral.com/articles/61537/
February 26, 2021 at 3:57 pm
Michael - appreciate the reply; the service account already is a sysadmin, as well as local server admin and network admin.
We found that the "Replace a Process Level Token" permission was removed from local admin accounts by GPO update; this permission was restored, and after a gpupdate /force the problem appears to be resolved.
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply