January 19, 2006 at 10:13 am
I am installing SQL Server 2000 Standard Edition on a Windows 2003 server. This server is part of our domain.
In active directories, on the domain controller, I created an account called SQLACCT to us as our service account and made it a member of the Domain Admin, Domain Users, and Admin groups.
I am at the part of the installation where I set up the service account. I enter in the user name (SQLACCT) and password I created and I receive the following message. "The logon account could not be validated for SQL Server Service. Verify that the user name and password entered are correct. No authority could be contacted for authentication."
Can someone please let me know what I am doing wrong?
Thanks in advance.
January 19, 2006 at 10:17 am
I would remove it from Domain Admins. It is unlikely this level of permissions in necessary.
As to the problem at hand, are there any errors in the System event log for the operating system indicating a problem talking to the domain controller?
K. Brian Kelley
@kbriankelley
January 19, 2006 at 10:51 am
Thanks for the reply...
I checked the event log and there are some errors. They say that windows cannot obtain the domain controller name.
I am able to see the domain controller and ping it.
Any ideas?
January 19, 2006 at 11:06 am
Without seeing the exact error message, a few things to check:
1) The SQL Server's time is in synch with the domain controller (within a few minutes).
2) The SQL Server sees the DNS server (which could be the domain controller as it's not unusual to do this) and can perform queries against it (a simple nslookup http://www.sqlservercentral.com from the command line will suffice).
3) See if there are errors on the domain controllers with respect to the SQL Server.
K. Brian Kelley
@kbriankelley
January 19, 2006 at 11:14 am
I think the time synch is the issue.
I am receiving an error in the event viewer of the domain controller referencing time synch. The error message is as follows.
"This machine is a PDC of the domain at the root of the forest. Configure to sync from external time source using the net command, 'net time/setsntp:'."
Should I type in 'net time/setsntp:' on the domain controller?
My other concern is that the domain controller is a Windows machine and the other servers are Novell.
Would using the time sync command cause problems in a Novell environment?
January 19, 2006 at 11:47 am
Is the SQL Server installed on a member server or on a domain controller? If it is installed on a DC, that's a whole different ball of wax. There are KB articles about things you may have to do to get everything up and running. Doable, but just a bit more involved than on a member server.
As for the time issue, you need to have what's called an "authoritative time server" within your Active Directory domain, and this is whatever is running as the PDC emulator (which it sounds like you've found). Here's how to configure the domain controller to be an authoritative time server:
How to configure an authoritative time server in Windows 2000
K. Brian Kelley
@kbriankelley
January 19, 2006 at 12:24 pm
It could be having an issue with the secure channel. I've seen auth problems like this, but I can't remember exactly which utility resets this.
January 19, 2006 at 1:43 pm
Steve -
Thanks for the suggestion. If the time synch doesn't work, I'll be sure to try this.
January 20, 2006 at 8:26 am
From your original post, it doesn't appear that you specified the domain name with the account? ie., domain name\account
Or did you?
Viewing 9 posts - 1 through 8 (of 8 total)
You must be logged in to reply to this topic. Login to reply