February 11, 2014 at 8:45 pm
Hi all,
Okay I'll admit it, I setup SQL Server 2012 on Windows Server 2012 with the service accounts in the local Administrator group, but now that I'd like to remove the accounts from this group I'm finding they don't have the appropriate access to the network storage. Can someone direct me to an article or MSDN post with notes on setting the per-service SID's for SQL (SQL Engine, Analysis Services, Reporting Services, and Agent Service) so they can read the Data, Log, and TempDB mount points? I'm still learning the ropes with SQL 2012, so this whole per-service SID idea is still something I'm trying to wrap my head around.
Thanks.
June 12, 2015 at 9:59 am
Did you ever get an answer to this? I am running into an issue currently with one of our instances. Thanks.
June 12, 2015 at 2:41 pm
This should be what you are looking for. https://msdn.microsoft.com/en-us/library/ms143504(v=sql.130).aspx
I didn't think it would matter what group the service account was in because the installation assigns the appropriate permissions. Has there been any changes since installation (ie service account changed, drives added/changed). even changing service accounts with the SQL Server configuration manager should assign correct permissions to what ever account you choose. so if you have a window, possible changing service account to something else (local system) then back to your desired service account might solve your issue.
there are cases where I have SQL Server interact with directories that are not the default data or log directories and in those cases i grant NT SYSTEM\MSSQLSERVER local user permission to those directories.
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply