April 16, 2013 at 3:00 am
Hello,
We had a case where in the domain account which is running SQL server got locked.
Database connectivity through management studio and applciations worked fine.
Report services showed the reports how ever the connectivity failed saying account locked.
Did any one faced these kind of issue before.
I need to identify this issue and alert, if it possible.
second i need to find how many jobs not started on that particular day, if there is an issue as an alert.
Are the above possible if i need to check some thing more please share your suggestions.
our server team havent identified the root cause yet. any suggestion where i can start with.
Regards
Durai Nagarajan
April 16, 2013 at 3:45 am
Hello Frnd......
you can unlocked user:
Login with administrator--> open a local user and group manager .
In the right pane under the Name column, double click on the locked out user account.
Uncheck the Account is locked out box, and click on OK.
you can check in event log why this account was locked.
Rajesh Singh
DBA(HCL Comnet)
+919560888360
Rajesh Singh
DBA(HCL Comnet)
+91-0560888360
April 16, 2013 at 4:19 am
Hello,
Forgot to mention we (our team) dont have access to do that.
is there a way to indentify the state and alert.
Regards
Durai Nagarajan
April 16, 2013 at 11:56 pm
any suggestions?
Regards
Durai Nagarajan
April 17, 2013 at 12:10 am
Speak to your AD team, ask them to set the account to not allow interactive logins (users should not be using the service account) and ask them if they can put any alerts or notifications to let them or you know if the account does become locked. If it does, you should investigate who or what is entering a bad password and resolve the source of the problem.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
April 17, 2013 at 12:35 am
thanks gail
hope i understand that we cant do through sql.
Regards
Durai Nagarajan
April 17, 2013 at 12:38 am
No, you can't access the Active Directory list of logins and users via T-SQL.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
April 17, 2013 at 12:59 am
thanks again gail.
Regards
Durai Nagarajan
April 17, 2013 at 1:16 am
On a SQL Server, you can hunt down your event logs (may be security logs) and search for SQL Server service account and find some information related to it as when and who locked it. It does have a MAJOR IMPACT if SQL Servers that run under this locked account have rebooted. Server (OS) will start but SQL WILL NOT START.
So check your event logs and check with your AD Team as well as Gail suggested. Also, her suggestion regarding diabling interactive login of service account is very valid. It is very important.
Thanks,
Vikas
April 18, 2013 at 4:55 am
LDAP queries?
April 18, 2013 at 5:14 am
hope this is querying AD.
we dont have access.
Regards
Durai Nagarajan
Viewing 11 posts - 1 through 10 (of 10 total)
You must be logged in to reply to this topic. Login to reply