April 11, 2008 at 6:34 pm
I realize this is a loongshot but maybe someone could at least point me to an official forum on this topic if nothing else. We have DPM (Data Protetcion Manager) in place which is part of Microsofts Systems Operation Manager suite. It's been working fine, creating recovery points for various DB's on 2 seperate SQL 2005 boxes. One is our live/production box and the other is a DEV box. For some unknown reason as of this mroning DPM is unable to see the DB's on the DEV SQL 2005 box. It can see the drives on that box so the DPM agent on it is working, it just cab't see the SQL Server itself or its DB's. I've checked the setip for the DPM agent and it is using the local system acct while the SQL Server service is using a domain acct that has SYSADMIn level access to the box.
Anyone have any input on this even if it's just a pointer to a DPM specific forumn?
BTW, The guy who setup our DOM system left and none of us left are as familiar with it which is how we got where we are.
Thanks!
Kindest Regards,
Just say No to Facebook!April 12, 2008 at 12:35 am
I'm not familiar with the product, but there are a couple of things it might be.
First, did anyone remove BUILTIN\Administrators or reduce its permissions within SQL Server? Second, if that did happen, was NT Authority\SYSTEM added back and made a member of the sysadmin fixed server role?
K. Brian Kelley
@kbriankelley
April 16, 2008 at 11:18 am
I go here http://www.myitforum.com for alot of SMS, MOM, System Center information.
April 16, 2008 at 12:35 pm
K. Brian Kelley (4/12/2008)
I'm not familiar with the product, but there are a couple of things it might be.First, did anyone remove BUILTIN\Administrators or reduce its permissions within SQL Server? Second, if that did happen, was NT Authority\SYSTEM added back and made a member of the sysadmin fixed server role?
Brain,
Thanks soo much for putting me in the right direction. Something did in deed happen to this account. I would have never thought to check it since it's an account no one should even be thinking about. As I said earlier this is just a dev server so security isn't near as strict as on our production boxes. I think someone accidentally tried something beyond their understanding/skillset and the net result was they broke one the 'do not touch' accounts.
Thanks again!
Kindest Regards,
Just say No to Facebook!Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply