August 13, 2010 at 11:20 am
I am basically facing saperate problems here. Both of the problem shave been triggered by supposedly one event. The computer is on active directory domain and when SQL server was installed on the system, there was a different user using the system. Now that user has been deleted from the domain and a new user is using the system.
Since the new user is created, SQL server started acting crazy. It gives 2 separate kind of errors on 2 separate events.
1. When I try to connect to the local instance, it gives error which says "Login failed for user kde\opusonecorp ( that is my current user on the domain)
2. This may be completely different thing but started showing up since the new user is created. This occurs when i try to connect my local SSMS to a remote instance, it says "Unable to cast COM object of type "system._comobject to interface type "Microsoft.VisualStudio.OLE.interop.Iserviceprovider" call on COM interface failed due to the following error:No such interface supported"
I am not sure whether there is any relationship between these two errors but they started showing up at the same time after en event occured, i just wanted to give you all the pieces of this puzzle.
Is there anything that anyone can suggest?
August 13, 2010 at 11:53 am
Can you confirm the accounts that SQL Server itself is running on? That would be in the Services control panel on the server itself. Could be that the user put himself on as the login account for the service. First thing I would check anyway.
August 13, 2010 at 12:11 pm
When I went to services-- SQL server service. It says log on as "Network service". There is not user specified. instead of a user it says Network services. I am not sure what is that supposed to mean.......
August 13, 2010 at 12:15 pm
That's probably OK for now, it wouldn't cause your problem. It would only be a problem if SQL Server had to do anything over the network like backup to a network share.
Can you confirm whether you are local admin to the box? The error you are getting is login failed, which means your account doesn't have access to the server. While best practice is to remove BUILTIN\Administrators from the logins, by default it is there and sysadmin. You need to log in with local admin credentials to see if that gets you logged in or not.
August 13, 2010 at 12:49 pm
Ok. Actually I have not used the local admin even once in this box. I have always been using active directory user. And even now when I say Local, i am actually enetring active directory credentials and when I said that I am using the username opusonecorp\kde that is domain opusonecorp and user kde.
Should I change anything?
August 13, 2010 at 1:00 pm
Make certain that the AD account you log in with is in the Administrators group on the local server.
August 13, 2010 at 1:17 pm
Well, I added the user with which I am trying to log on to the sql server to the user list of my local SQL instance and then I am facing the error type 3.
which says:
"TITLE: Connect to Server
------------------------------
Cannot connect to local.
------------------------------
ADDITIONAL INFORMATION:
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) (Microsoft SQL Server, Error: 3)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&EvtSrc=MSSQLServer&EvtID=3&LinkId=20476
------------------------------
BUTTONS:
OK
------------------------------
August 13, 2010 at 1:55 pm
The Service account should be configured as “trusted for delegation” to permit distributed queries (parameter is in the same place as the password not expire param)
NOTE it MUST have a non-expiring password.
http://msdn.microsoft.com/en-us/library/aa905162(SQL.80).aspx
http://msdn.microsoft.com/en-us/library/ms189580.aspx
Privileges
Make sure service account has the following permissions.
-Act as Part of the Operating System = SeTcbPrivilege
-Bypass Traverse Checking = SeChangeNotify
-Lock Pages In Memory = SeLockMemory
-Log on as a Batch Job = SeBatchLogonRight
-Log on as a Service = SeServiceLogonRight
-Replace a Process Level Token = SeAssignPrimaryTokenPrivilege
NOTE it MUST have a non-expiring password.
Regards
Regards
Hema.,
August 13, 2010 at 4:28 pm
How do I check the settings that you stated above??
August 16, 2010 at 9:26 am
To confirm privileges
-Control Panel -> Administrative Tools -> Local Security Policy
-Then Local Policies -> User Rights Assignment
Regards
Hema.,
Regards
Hema.,
Viewing 10 posts - 1 through 9 (of 9 total)
You must be logged in to reply to this topic. Login to reply