September 23, 2011 at 5:05 am
I get this when I try to add the passive node in a cluster to SQL Server;
No mapping between account names and security IDs was done.
Any ideas? I've checked and tried everything I can find in the KB articles, including checking languages and localisation, AD and local group memberships of the domain accounts. SQL is up and running on the active node with no issues. This happens when I run setup on the passive node as the SQL service account with the same media I used on the active node.
Here's the install log, server names changed to protect the guilty:
Overall summary:
Final result: Failed: see details below
Exit code (Decimal): -2068052377
Exit facility code: 1212
Exit error code: 1639
Exit message: Failed: see details below
Start time: 2011-09-23 11:35:05
End time: 2011-09-23 11:40:37
Requested action: AddNode
Log with failure: C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20110923_113347\sql_engine_core_inst_Cpu64_1.log
Exception help link: http://go.microsoft.com/fwlink?LinkId=20476&ProdName=Microsoft+SQL+Server&EvtSrc=setup.rll&EvtID=50000&ProdVer=10.50.2500.0
Cluster properties:
Machine name: PASSIVE-NODE
Product Instance Instance ID Feature Language Edition Version Clustered
Sql Server 2008 R2 Management Tools - Basic 1033 Enterprise Edition 10.51.2500.0 No
Sql Server 2008 R2 Management Tools - Complete 1033 Enterprise Edition 10.51.2500.0 No
Sql Server 2008 R2 Client Tools Connectivity 1033 Enterprise Edition 10.51.2500.0 No
Sql Server 2008 R2 Client Tools Backwards Compatibility 1033 Enterprise Edition 10.51.2500.0 No
Sql Server 2008 R2 Integration Services 1033 Enterprise Edition 10.51.2500.0 No
Machine name: ACTIVE-NODE
Product Instance Instance ID Feature Language Edition Version Clustered
Sql Server 2008 R2 MSSQLSERVER MSSQL10_50.MSSQLSERVER Database Engine Services Enterprise Edition 10.51.2500.0 Yes
Sql Server 2008 R2 MSSQLSERVER MSSQL10_50.MSSQLSERVER SQL Server Replication Enterprise Edition 10.51.2500.0 Yes
Sql Server 2008 R2 MSSQLSERVER MSSQL10_50.MSSQLSERVER Full-Text Search Enterprise Edition 10.51.2500.0 Yes
Sql Server 2008 R2 Management Tools - Basic 1033 Enterprise Edition 10.51.2500.0 No
Sql Server 2008 R2 Management Tools - Complete 1033 Enterprise Edition 10.51.2500.0 No
Sql Server 2008 Integration Services 1033 Enterprise Edition 10.2.4000.0 No
Machine Properties:
Machine name: PASSIVE-NODE
Machine processor count: 24
OS version: Windows Server 2008 R2
OS service pack:
OS region: United States
OS language: English (United States)
OS architecture: x64
Process architecture: 64 Bit
OS clustered: Yes
Product features discovered:
Product Instance Instance ID Feature Language Edition Version Clustered
Sql Server 2008 R2 Management Tools - Basic 1033 Enterprise Edition 10.51.2500.0 No
Sql Server 2008 R2 Management Tools - Complete 1033 Enterprise Edition 10.51.2500.0 No
Sql Server 2008 R2 Client Tools Connectivity 1033 Enterprise Edition 10.51.2500.0 No
Sql Server 2008 R2 Client Tools Backwards Compatibility 1033 Enterprise Edition 10.51.2500.0 No
Sql Server 2008 R2 Integration Services 1033 Enterprise Edition 10.51.2500.0 No
Package properties:
Description: SQL Server Database Services 2008 R2
ProductName: SQL Server 2008 R2
Type: RTM
Version: 10
Installation location: C:\Software\SQL2K8_ENT_x64_R2_SP1\x64\setup\
Installation edition: ENTERPRISE
Slipstream: True
SP Level 1
User Input Settings:
ACTION: AddNode
AGTSVCACCOUNT: DOMAIN\Xsql-agent
AGTSVCPASSWORD: *****
ASSVCACCOUNT: <empty>
ASSVCPASSWORD: *****
CONFIGURATIONFILE: C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20110923_113347\ConfigurationFile.ini
CUSOURCE:
ENU: True
FAILOVERCLUSTERGROUP: SQL Server (MSSQLSERVER)
FAILOVERCLUSTERNETWORKNAME: SQLCLUSTER
FARMACCOUNT: <empty>
FARMADMINPORT: 0
FARMPASSWORD: *****
FTSVCACCOUNT: NT AUTHORITY\LOCALSERVICE
FTSVCPASSWORD: *****
HELP: False
INDICATEPROGRESS: False
INSTANCENAME: MSSQLSERVER
PASSPHRASE: *****
PCUSOURCE: C:\Software\SQL2K8_ENT_x64_R2_SP1\PCU
PID: *****
QUIET: False
QUIETSIMPLE: False
SQLSVCACCOUNT: DOMAIN\xsql-server
SQLSVCPASSWORD: *****
UIMODE: Normal
X86: False
Configuration file: C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20110923_113347\ConfigurationFile.ini
Detailed results:
Feature: Database Engine Services
Status: Failed: see logs for details
MSI status: Passed
Configuration status: Passed
Feature: SQL Server Replication
Status: Failed: see logs for details
MSI status: Passed
Configuration status: Passed
Feature: Full-Text Search
Status: Failed: see logs for details
MSI status: Passed
Configuration status: Passed
Rules with failures:
Global rules:
There are no scenario-specific rules.
Rules report file: C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20110923_113347\SystemConfigurationCheck_Report.htm
September 23, 2011 at 6:52 am
what messages do the individual logs show?
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
September 23, 2011 at 7:16 am
Here's a log fragment around the error. I can see that there looks like a missing group sid in AD, or is it a local group it's looking for?
Detail.log
2011-09-23 12:15:22 Slp: Sco: Attempting to write hklm registry key SOFTWARE\Microsoft\Microsoft SQL Server to file C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20110923_121003\Registry_SOFTWARE_Microsoft_Microsoft SQL Server.reg_
2011-09-23 12:15:22 Slp: Sco: Attempting to write hklm registry key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall to file C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20110923_121003\Registry_SOFTWARE_Microsoft_Windows_CurrentVersion_Uninstall.reg_
2011-09-23 12:15:22 Slp: Sco: Attempting to write hklm registry key SOFTWARE\Microsoft\MSSQLServer to file C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20110923_121003\Registry_SOFTWARE_Microsoft_MSSQLServer.reg_
2011-09-23 12:15:23 Slp: Sco: Attempting to write hklm registry key SOFTWARE\Wow6432Node\Microsoft\Microsoft SQL Server to file C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20110923_121003\Registry_SOFTWARE_Wow6432Node_Microsoft_Microsoft SQL Server.reg_
2011-09-23 12:15:23 Slp: Sco: Attempting to write hklm registry key SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall to file C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20110923_121003\Registry_SOFTWARE_Wow6432Node_Microsoft_Windows_CurrentVersion_Uninstall.reg_
2011-09-23 12:15:23 Slp: Sco: Attempting to write hklm registry key SOFTWARE\Wow6432Node\Microsoft\MSSQLServer to file C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20110923_121003\Registry_SOFTWARE_Wow6432Node_Microsoft_MSSQLServer.reg_
2011-09-23 12:15:23 Slp: No mapping between account names and security IDs was done.
2011-09-23 12:15:23 Slp: Watson bucket for exception based failure has been created
2011-09-23 12:15:23 SQLEngine: ERROR: Group SID S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582 is invalid.
2011-09-23 12:15:23 SQLEngine: FulltextConfigurationPrivate.InstallClustered completed
2011-09-23 12:15:23 SQLEngine: FulltextConfigurationPrivate.Install completed
2011-09-23 12:15:23 Slp: SlpConfigAction.ExecuteAction(actionId: FulltextConfigAction_install_shutdownnoinstance_Cpu64) completed
2011-09-23 12:15:23 Slp: Checkpoint: INSTALL:SHUTDOWNNONINSTANCE:SQL_FULLTEXT_ADV
2011-09-23 12:15:23 Slp: Completed Action: FulltextConfigAction_install_shutdownnoinstance_Cpu64, returned True
2011-09-23 12:15:23 Slp: Completed Action: PreMsiTimingConfigAction, returned True
2011-09-23 12:15:23 Slp: ----------------------------------------------------------------------
sql_engine_core_inst_Cpu64_1
=== Verbose logging started: 23/09/2011 12:15:25 Build type: SHIP UNICODE 5.00.7600.00 Calling process: C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\SQLServer2008R2\x64\setup100.exe ===
MSI (c) (B4:BC) [12:15:25:438]: Resetting cached policy values
MSI (c) (B4:BC) [12:15:25:438]: Machine policy value 'Debug' is 0
MSI (c) (B4:BC) [12:15:25:438]: ******* RunEngine:
******* Product: C:\Software\SQL2K8_ENT_x64_R2_SP1\x64\setup\sql_engine_core_inst_msi\sql_engine_core_inst.msi
******* Action:
******* CommandLine: **********
MSI (c) (B4:BC) [12:15:25:453]: Client-side and UI is none or basic: Running entire install on the server.
MSI (c) (B4:BC) [12:15:25:453]: Grabbed execution mutex.
MSI (c) (B4:BC) [12:15:25:453]: Cloaking enabled.
MSI (c) (B4:BC) [12:15:25:453]: Attempting to enable all disabled privileges before calling Install on Server
MSI (c) (B4:BC) [12:15:25:453]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (28:40) [12:15:25:453]: Running installation inside multi-package transaction C:\Software\SQL2K8_ENT_x64_R2_SP1\x64\setup\sql_engine_core_inst_msi\sql_engine_core_inst.msi
MSI (s) (28:40) [12:15:25:453]: Grabbed execution mutex.
MSI (s) (28:90) [12:15:25:453]: Resetting cached policy values
MSI (s) (28:90) [12:15:25:453]: Machine policy value 'Debug' is 0
MSI (s) (28:90) [12:15:25:453]: ******* RunEngine:
******* Product: C:\Software\SQL2K8_ENT_x64_R2_SP1\x64\setup\sql_engine_core_inst_msi\sql_engine_core_inst.msi
******* Action:
******* CommandLine: **********
MSI (s) (28:90) [12:15:25:453]: Machine policy value 'TransformsSecure' is 1
MSI (s) (28:90) [12:15:25:453]: Machine policy value 'DisableUserInstalls' is 0
MSI (s) (28:90) [12:15:25:453]: Specified instance {9FFAE13C-6160-4DD0-A67A-DAC5994F81BD} via transform :InstID02.mst;:InstName01.mst is already installed. MSINEWINSTANCE requires a new instance that is not installed.
MSI (s) (28:90) [12:15:25:453]: MainEngineThread is returning 1639
MSI (s) (28:40) [12:15:25:453]: User policy value 'DisableRollback' is 0
MSI (s) (28:40) [12:15:25:453]: Machine policy value 'DisableRollback' is 0
MSI (s) (28:40) [12:15:25:453]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (28:40) [12:15:25:453]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2
MSI (s) (28:40) [12:15:25:453]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2
MSI (s) (28:40) [12:15:25:453]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\InProgress 3: 2
MSI (s) (28:40) [12:15:25:453]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\InProgress 3: 2
MSI (s) (28:40) [12:15:25:453]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied. Counter after decrement: -1
MSI (s) (28:40) [12:15:25:453]: Restoring environment variables
MSI (c) (B4:BC) [12:15:25:453]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied. Counter after decrement: -1
MSI (c) (B4:BC) [12:15:25:453]: MainEngineThread is returning 1639
=== Verbose logging stopped: 23/09/2011 12:15:25 ===
ConfigurationFIle.ini
;SQLSERVER2008 Configuration File
[SQLSERVER2008]
; Specifies a Setup work flow, like INSTALL, UNINSTALL, or UPGRADE. This is a required parameter.
ACTION="AddNode"
; Displays the command line parameters usage
HELP="False"
; Specifies that the detailed Setup log should be piped to the console.
INDICATEPROGRESS="False"
; Setup will not display any user interface.
QUIET="False"
; Setup will display progress only without any user interaction.
QUIETSIMPLE="False"
; Specifies that Setup should install into WOW64. This command line argument is not supported on an IA64 or a 32-bit system.
X86="False"
; Detailed help for command line argument ENU has not been defined yet.
ENU="True"
; The directory for the extracted service pack files used to update the setup media.
PCUSOURCE="C:\Software\SQL2K8_ENT_x64_R2_SP1\PCU"
; Parameter that controls the user interface behavior. Valid values are Normal for the full UI, and AutoAdvance for a simplied UI.
UIMODE="Normal"
; Specify a default or named instance. MSSQLSERVER is the default instance for non-Express editions and SQLExpress for Express editions. This parameter is required when installing the SQL Server Database Engine (SQL), Analysis Services (AS), or Reporting Services (RS).
INSTANCENAME="MSSQLSERVER"
; Specifies the name of the cluster group for the SQL Server failover cluster instance.
FAILOVERCLUSTERGROUP="SQL Server (MSSQLSERVER)"
; Specifies the name of the SQL Server failover cluster instance. This name is the network name that is used to connect to SQL Server services.
FAILOVERCLUSTERNETWORKNAME="SQLCLUSTER"
; Agent account name
AGTSVCACCOUNT="DOMAIN\Xsql-agent"
; A port number used to connect to the SharePoint Central Administration web application.
FARMADMINPORT="0"
; Account for SQL Server service: Domain\User or system account.
SQLSVCACCOUNT="DOMAIN\xsql-server"
; Add description of input argument FTSVCACCOUNT
FTSVCACCOUNT="NT AUTHORITY\LOCALSERVICE"
September 23, 2011 at 7:17 am
Thanks for taking the time to look BTW.
September 26, 2011 at 3:45 am
I'm beginning to think I may have to check the AD groups for the service accounts that I used for security on the primary node.
I'll add the service accounts into AD groups with local admin on both nodes and try again. The accounts have local admin in their own right, but maybe this isn't what it's checking for. There's a chance that it's using a local (node) group created by setup.
September 26, 2011 at 4:08 am
How do I change the AD Group that I specified as part of the cluster security policy?
September 26, 2011 at 7:06 am
I'm now looking at a re-install using a slipstreamed sp3.
September 26, 2011 at 7:08 am
Dr Pliers (9/26/2011)
How do I change the AD Group that I specified as part of the cluster security policy?
so you used legacy group security and not Service SID based security?
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
September 26, 2011 at 7:34 am
I thought I'd used SID security, and I've checked that I'm adding the new node with the same credentials. That's why I thought that the SID mismatch might be something to do with the AD group, but maybe I'm on the wrong track.
In Create a New SQL Server Failover Cluster (Setup) (Step 16) it talks about being able to use both, as you mention.
16. Use this page to specify Cluster Security Policy.
Windows Server 2008 and later versions - Service SIDs (server security IDs) are the recommended and default setting. The option to specify domain groups is available but not recommended. For information about service SIDs functionality on Windows Server 2008, see Setting Up Windows Service Accounts.
I'm a bit confused though, because Setting Up Windows Service Accounts says
...For SQL Server failover clustering installation or SQL Server installation on a domain controller, ACLs will be set for the SQL Server service SID instead of being set for the SQL Server service group, on Windows Vista and Windows Server 2008 operating systems.
So even if I did select legacy AD group, it'd use ACLs for the service SID anyway. Which should be ok, because I use the same AD account when I setup both nodes.
Am I right in my original reading of this message? I assume that it's a mismatch between the AD credentials (or their groups) that I've supplied on setup for the 2nd node and the original node.
September 26, 2011 at 2:18 pm
Mike P Barron (9/26/2011)
I thought I'd used SID security,
What option did you select during installation?
Mike P Barron (9/26/2011)
it talks about being able to use both
No, you use either not both
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
September 26, 2011 at 4:06 pm
I seem to remember seeing this when I built some machines that were on VMs and the SQL boxes were built from the same base image as the AD controller.. Can you tell us a little about physical and virtual in this arrangement.
CEWII
September 27, 2011 at 6:33 am
They're both physical boxes. But you might be onto something here, as they came from a "standard" image. It mightnbe that the sysprep System ID generation didn't work correctly. I'll explore that option.
Thanks.
September 28, 2011 at 2:53 am
Both the nodes OS were installed from original media.
I think I'm going to have to remove the SQL Instance and re-install.
Viewing 13 posts - 1 through 12 (of 12 total)
You must be logged in to reply to this topic. Login to reply