Change SQL Server Agent service account

Similar Messages

• Unable to start SQL server agent service

  hi,
  We have 2 Node SQL Cluster that was working fine. Then We migrated the Linux DNS to Windows DNS successfully.Now restarted the SQL Server after it when we try to start the SQL Server Agent service its says the below msg while machine name and cluster
  entries are in windows dns and resolving the IP to name and name to IP
  Error msg: The MSSQLSERVER service on Local Computer started and then stopped.  Some services stop automatically if they have no work to do, for example, the Performance Logs and Alerts service." error message.
  But whenever we set the Linux DNS Server ip in SQL Servers then it successfully starts the service. Now i want to know why its happening and what are the requirements or DNS entries/SPN which we missing when we migrated the linux DNS to windows
  dns
  Sagar

  I was experiencing this issue or one just like it on one of our SQL clusters (SQL Server 2008 R2, two node).
  The fix for us was the database Security Login for: NT SERVICE\SQLAgent$<instancename>  was missing.  The actual service account assigned to the SQL Agent service was a valid domain account and we had the credentials correct in the service
  configuration, so no changes were needed there.
  Using SQL Server Management Studio we manually added this BUILT IN account ( NT SERVICE\SQLAgent$<instancename> ) to the instance, and then assigned it user role = sysadmin (to go along with the default role = public).
  Once this was done, we tried to restart the clustered SQL Agent service and it started and remained started.
  Hope this helps someone, we spent over a day pouring over the installation trying to find the cause.
  This worked for me, thanks:-)

• Cannot change SQL 2008 R2 Service account from local System to any account

  Windows 7 64 Bit Developer Edition of SQL Server 2008 R2
  Successfully changed SQL Server Agent, SQL Server Reporting Services, SQL  Analysis Services, SQL Server Integeration Services and SQL Full-Text Filter Daemon Launcher from Local System Account to Domain account.  Howerver,  I cannot change
  the SQL Server Account.  The SQL Server Configuration Manager generates the below error:
  WMI Provider ERROR (in window title bar)
  Big red X followed by "The parameter is incorrect. [0x80070057].
  I have tried many things with no luck:
  Tried using a different local administrator account
  Tried putting the Domain account I want to change to in the local admin group
  Tried adding the Domain account I want to change to in all of the SQL created local groups
  I think im going to have to reinstall to change the account.  What up!@!!
  -thanks for any help in advance.  Its probably something dumb i did or did not do.
  scott

  Please try:
  Open SQL Server service's property dialog in SQL Server Configuration Manager.
  Select "This account", and then click "Browser".
  Enter you domain account and then click "Check Names"
  Back to property dialog and input the password
  Please let me know if the issue persists.
  Best Regards
  Alex Feng | Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• Starting SQL Server Agent service

  I have a brand new 64-bit laptop and have installed both SQL Server 2014 and SQL Server 2012sp1, but neither instance is able to start its SQL Sever Agent Service.  The error is 1053:  'The service did not respond to the start or control request
  in a timely fashion'. Googling that message does not seem to give helpful step by step solutions. Please help.
  Dave Juergens
  [email protected]
  Dave Juergens

  could you tell us your sql server edition - if it is EXPRESS edition - it does not comes with SQL Server agent. you will sql server agent service in configuration manager but it does not start because the feature is not available.
  you can find the sql edition using. select @@version
  and post the output here
  if it is not Express edition, could you please check the error log or event viewer and if there is more detailed information on the error.
  Hope it Helps!!

• Sql server 2008 service accounts.

  For Sql server agent and Sql Server Database engine a dedicated low privileged
  separate accounts are assigned while installing  Sql  Server 2008 R2.But when
  I am specifying Sql Server feature installation in the setup role and in feature
  selection I am selecting all ,what should be the nature of accounts that I should
  provide for Sql Server Analysis Service and Sql Server Reporting Services?
  If I install Sqlserver 2008R2 in my local machine running under windows-7
  and use a local standard user account to run my DB engine, would I be
  able to access the databases in Sql Server 2008 installed in a remote
  server in the same domain?

  I agree with Erland.
  SQL Service account is used while performing any OS level operation by SQL Server process (sqlservr.exe). On the other hand, the account which is connecting to SQL Server will have it's own permission in Server/Database provided via Logins/Users.
  Balmukund Lakhani | Please mark solved if I've answered your question, vote for it as helpful to help other users find a solution quicker
  This posting is provided "AS IS" with no warranties, and confers no rights.
  My Blog |
  Team Blog | @Twitter
  Author: SQL Server 2012 AlwaysOn -
  Paperback, Kindle

• Replication stopp after change changing SQL Server Agent User

  Hi,
  I tryed to change the user for SQL Server Agent on my Distributor. We use pushed transaction replications. But after i changed the user, all replications stopped:
  ERROR: (from SQL Monitor)
  The job failed.  The Job was invoked by Start Sequence 0.  The last step to run was step 3 (Detect nonlogged agent shutdown.).
  The new user is a domainusert too, and had administrative rights on the server. I changed the user to start SQL Server Agent on other servers without error.
  Can anybody tell me, how to change the user on a distributor, without stopping all replications?
  Thanks
  Kind regards,
  Andreas

  Hi Andreas,
  You are likely running into a permissions issue.
  Verify the Log Reader Agent process account is db_owner in the distribution database and that the account used to connect to the Publisher is db_owner in the publication database.
  Verify the Distribution Agent process account is db_owner in the distribution and subscription databases, is a member of the PAL, and has read permissions on the snapshot share.
  This is covered in
  Replication Agent Security Model.
  Brandon Williams (blog |
  linkedin)

• Can't Start the SQL Server & SQL Server Agent Services

  Hello i had to make a copy of my setup for a coworker in a different country to work with i can't make this two services to start. A timed out error shows and  maybe the logs say something but i can't understand it. 
  Help Please. 
  2014-10-31 12:18:55.66 Server Microsoft SQL Server 2012 - 11.0.2100.60 (X64)
  Feb 10 2012 19:39:15
  Copyright (c) Microsoft Corporation
  Standard Edition (64-bit) on Windows NT 6.1 <X64> (Build 7601: Service Pack 1) (Hypervisor)
  2014-10-31 12:18:55.69 Server (c) Microsoft Corporation.
  2014-10-31 12:18:55.69 Server All rights reserved.
  2014-10-31 12:18:55.69 Server Server process ID is 2540.
  2014-10-31 12:18:55.69 Server System Manufacturer: 'VMware, Inc.', System Model: 'VMware Virtual Platform'.
  2014-10-31 12:18:55.69 Server Authentication mode is MIXED.
  2014-10-31 12:18:55.69 Server Logging SQL Server messages in file 'C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Log\ERRORLOG'.
  2014-10-31 12:18:55.69 Server The service account is 'NT Service\MSSQLSERVER'. This is an informational message; no user action is required.
  2014-10-31 12:18:55.69 Server Registry startup parameters:
  -d C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\DATA\master.mdf
  -e C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Log\ERRORLOG
  -l C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\DATA\mastlog.ldf
  2014-10-31 12:18:55.69 Server Command Line Startup Parameters:
  -s "MSSQLSERVER"
  2014-10-31 12:18:56.21 Server SQL Server detected 1 sockets with 2 cores per socket and 2 logical processors per socket, 2 total logical processors; using 2 logical processors based on SQL Server licensing. This is an informational message; no user action is required.
  2014-10-31 12:18:56.21 Server SQL Server is starting at normal priority base (=7). This is an informational message only. No user action is required.
  2014-10-31 12:18:56.21 Server Detected 3071 MB of RAM. This is an informational message; no user action is required.
  2014-10-31 12:18:56.21 Server Using conventional memory in the memory manager.
  2014-10-31 12:18:58.04 Server This instance of SQL Server last reported using a process ID of 2532 at 31/10/2014 12:18:20 p.m. (local) 31/10/2014 06:18:20 p.m. (UTC). This is an informational message only; no user action is required.
  2014-10-31 12:18:58.05 Server Node configuration: node 0: CPU mask: 0x0000000000000003:0 Active CPU mask: 0x0000000000000003:0. This message provides a description of the NUMA configuration for this computer. This is an informational message only. No user action is required.
  2014-10-31 12:18:58.07 Server Using dynamic lock allocation. Initial allocation of 2500 Lock blocks and 5000 Lock Owner blocks per node. This is an informational message only. No user action is required.
  2014-10-31 12:18:58.08 Server Software Usage Metrics is disabled.
  2014-10-31 12:18:58.15 spid5s Starting up database 'master'.
  2014-10-31 12:18:58.71 Server CLR version v4.0.30319 loaded.
  2014-10-31 12:18:59.22 spid5s SQL Server Audit is starting the audits. This is an informational message. No user action is required.
  2014-10-31 12:18:59.24 spid5s SQL Server Audit has started the audits. This is an informational message. No user action is required.
  2014-10-31 12:18:59.81 spid5s SQL Trace ID 1 was started by login "sa".
  2014-10-31 12:18:59.98 spid5s Server name is 'WIN-3FNEFF25D4V'. This is an informational message only. No user action is required.
  2014-10-31 12:19:00.76 spid13s A self-generated certificate was successfully loaded for encryption.
  2014-10-31 12:19:00.80 spid13s Server is listening on [ 'any' <ipv6> 1435].
  2014-10-31 12:19:00.80 spid13s Server is listening on [ 'any' <ipv4> 1435].
  2014-10-31 12:19:00.80 spid13s Server is listening on [ 'any' <ipv6> 1433].
  2014-10-31 12:19:00.80 spid13s Server is listening on [ 'any' <ipv4> 1433].
  2014-10-31 12:19:00.80 spid13s Server local connection provider is ready to accept connection on [ \\.\pipe\SQLLocal\MSSQLSERVER ].
  2014-10-31 12:19:00.80 spid13s Server local connection provider is ready to accept connection on [ \\.\pipe\sql\query ].
  2014-10-31 12:19:00.80 Server Server is listening on [ ::1 <ipv6> 1434].
  2014-10-31 12:19:00.80 Server Server is listening on [ 127.0.0.1 <ipv4> 1434].
  2014-10-31 12:19:00.80 Server Dedicated admin connection support was established for listening locally on port 1434.
  2014-10-31 12:19:00.81 Server SQL Server is attempting to register a Service Principal Name (SPN) for the SQL Server service. Kerberos authentication will not be possible until a SPN is registered for the SQL Server service. This is an informational message. No user action is required.
  2014-10-31 12:19:00.81 spid13s SQL Server is now ready for client connections. This is an informational message; no user action is required.
  2014-10-31 12:19:00.81 Server The SQL Server Network Interface library could not register the Service Principal Name (SPN) [ MSSQLSvc/WIN-3FNEFF25D4V ] for the SQL Server service. Windows return code: 0xffffffff, state: 63. Failure to register a SPN might cause integrated authentication to use NTLM instead of Kerberos. This is an informational message. Further action is only required if Kerberos authentication is required by authentication policies and if the SPN has not been manually registered.
  2014-10-31 12:19:00.81 Server The SQL Server Network Interface library could not register the Service Principal Name (SPN) [ MSSQLSvc/WIN-3FNEFF25D4V:1433 ] for the SQL Server service. Windows return code: 0xffffffff, state: 63. Failure to register a SPN might cause integrated authentication to use NTLM instead of Kerberos. This is an informational message. Further action is only required if Kerberos authentication is required by authentication policies and if the SPN has not been manually registered.
  2014-10-31 12:19:00.86 Server Common language runtime (CLR) functionality initialized using CLR version v4.0.30319 from C:\Windows\Microsoft.NET\Framework64\v4.0.30319\.
  2014-10-31 12:19:22.49 spid15s A new instance of the full-text filter daemon host process has been successfully started.
  2014-10-31 12:19:22.68 spid17s Starting up database 'msdb'.
  2014-10-31 12:19:22.69 spid9s Starting up database 'mssqlsystemresource'.
  2014-10-31 12:19:22.69 spid18s Starting up database 'CMOVILBD'.
  2014-10-31 12:19:22.69 spid19s Starting up database 'ArgusTec'.
  2014-10-31 12:19:22.71 spid9s The resource database build version is 11.00.2100. This is an informational message only. No user action is required.
  2014-10-31 12:19:22.90 spid9s Starting up database 'model'.
  2014-10-31 12:19:23.36 spid9s Clearing tempdb database.
  2014-10-31 12:19:23.46 spid9s Starting up database 'tempdb'.
  2014-10-31 12:19:23.67 spid20s The Service Broker endpoint is in disabled or stopped state.
  2014-10-31 12:19:23.67 spid20s The Database Mirroring endpoint is in disabled or stopped state.
  2014-10-31 12:19:23.73 spid20s Service Broker manager has started.
  2014-10-31 12:19:24.67 spid5s Recovery is complete. This is an informational message only. No user action is required.
  2014-11-01 00:00:08.70 spid28s This instance of SQL Server has been using a process ID of 2540 since 31/10/2014 12:19:24 p.m. (local) 31/10/2014 06:19:24 p.m. (UTC). This is an informational message only; no user action is required.
  2014-11-02 00:00:23.48 spid29s This instance of SQL Server has been using a process ID of 2540 since 31/10/2014 12:19:24 p.m. (local) 31/10/2014 06:19:24 p.m. (UTC). This is an informational message only; no user action is required.
  2014-11-03 00:00:53.66 spid29s This instance of SQL Server has been using a process ID of 2540 since 31/10/2014 12:19:24 p.m. (local) 31/10/2014 06:19:24 p.m. (UTC). This is an informational message only; no user action is required.
  2014-11-04 00:00:08.08 spid19s This instance of SQL Server has been using a process ID of 2540 since 31/10/2014 12:19:24 p.m. (local) 31/10/2014 06:19:24 p.m. (UTC). This is an informational message only; no user action is required.
  2014-11-04 18:03:23.74 spid53 Attempting to load library 'xpsqlbot.dll' into memory. This is an informational message only. No user action is required.
  2014-11-04 18:03:23.79 spid53 Using 'xpsqlbot.dll' version '2011.110.2100' to execute extended stored procedure 'xp_qv'. This is an informational message only; no user action is required.
  2014-11-04 18:03:24.72 spid54 Attempting to load library 'xpstar.dll' into memory. This is an informational message only. No user action is required.
  2014-11-04 18:03:24.78 spid54 Using 'xpstar.dll' version '2011.110.2100' to execute extended stored procedure 'xp_instance_regread'. This is an informational message only; no user action is required.
  2014-11-04 18:03:27.74 spid53 Starting up database 'Argus'.
  2014-11-04 18:28:12.10 spid52 Attempting to load library 'xplog70.dll' into memory. This is an informational message only. No user action is required.
  2014-11-04 18:28:12.13 spid52 Using 'xplog70.dll' version '2011.110.2100' to execute extended stored procedure 'xp_msver'. This is an informational message only; no user action is required.
  2014-11-05 00:00:26.82 spid18s This instance of SQL Server has been using a process ID of 2540 since 31/10/2014 12:19:24 p.m. (local) 31/10/2014 06:19:24 p.m. (UTC). This is an informational message only; no user action is required.

  Sorry i feel so stupid. Here it is.  I can clearly see the errors now
  2014-11-05 10:49:47.43 Server Microsoft SQL Server 2008 (SP1) - 10.0.2531.0 (X64)
  Mar 29 2009 10:11:52
  Copyright (c) 1988-2008 Microsoft Corporation
  Express Edition (64-bit) on Windows NT 6.1 <X64> (Build 7601: Service Pack 1) (VM)
  2014-11-05 10:49:47.43 Server (c) 2005 Microsoft Corporation.
  2014-11-05 10:49:47.43 Server All rights reserved.
  2014-11-05 10:49:47.43 Server Server process ID is 4596.
  2014-11-05 10:49:47.43 Server System Manufacturer: 'VMware, Inc.', System Model: 'VMware Virtual Platform'.
  2014-11-05 10:49:47.43 Server Authentication mode is MIXED.
  2014-11-05 10:49:47.43 Server Logging SQL Server messages in file 'c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Log\ERRORLOG'.
  2014-11-05 10:49:47.43 Server This instance of SQL Server last reported using a process ID of 5720 at 05/11/2014 10:28:35 a.m. (local) 05/11/2014 04:28:35 p.m. (UTC). This is an informational message only; no user action is required.
  2014-11-05 10:49:47.43 Server Registry startup parameters:
  -d c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\master.mdf
  -e c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Log\ERRORLOG
  -l c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\mastlog.ldf
  2014-11-05 10:49:47.44 Server SQL Server is starting at normal priority base (=7). This is an informational message only. No user action is required.
  2014-11-05 10:49:47.44 Server Detected 2 CPUs. This is an informational message; no user action is required.
  2014-11-05 10:49:47.46 Server Using dynamic lock allocation. Initial allocation of 2500 Lock blocks and 5000 Lock Owner blocks per node. This is an informational message only. No user action is required.
  2014-11-05 10:49:47.49 Server Node configuration: node 0: CPU mask: 0x0000000000000003 Active CPU mask: 0x0000000000000003. This message provides a description of the NUMA configuration for this computer. This is an informational message only. No user action is required.
  2014-11-05 10:49:47.50 spid7s Starting up database 'master'.
  2014-11-05 10:49:47.59 spid7s FILESTREAM: effective level = 0, configured level = 0, file system access share name = 'SQLEXPRESS'.
  2014-11-05 10:49:47.60 spid7s SQL Trace ID 1 was started by login "sa".
  2014-11-05 10:49:47.60 spid7s Starting up database 'mssqlsystemresource'.
  2014-11-05 10:49:47.61 spid7s The resource database build version is 10.00.2531. This is an informational message only. No user action is required.
  2014-11-05 10:49:47.67 spid7s Server name is 'WIN-3FNEFF25D4V\SQLEXPRESS'. This is an informational message only. No user action is required.
  2014-11-05 10:49:47.67 spid10s Starting up database 'model'.
  2014-11-05 10:49:47.68 spid7s Informational: No full-text supported languages found.
  2014-11-05 10:49:47.68 spid7s Starting up database 'msdb'.
  2014-11-05 10:49:47.76 spid10s Clearing tempdb database.
  2014-11-05 10:49:47.83 Server A self-generated certificate was successfully loaded for encryption.
  2014-11-05 10:49:47.83 Server Error: 26023, Severity: 16, State: 1.
  2014-11-05 10:49:47.83 Server Server TCP provider failed to listen on [ 'any' <ipv6> 1433]. Tcp port is already in use.
  2014-11-05 10:49:47.83 Server Error: 17182, Severity: 16, State: 1.
  2014-11-05 10:49:47.83 Server TDSSNIClient initialization failed with error 0x2740, status code 0xa. Reason: Unable to initialize the TCP/IP listener.
  2014-11-05 10:49:47.83 Server Error: 17182, Severity: 16, State: 1.
  2014-11-05 10:49:47.83 Server TDSSNIClient initialization failed with error 0x2740, status code 0x1. Reason: Initialization failed with an infrastructure error. Check for previous errors.
  2014-11-05 10:49:47.83 Server Error: 17826, Severity: 18, State: 3.
  2014-11-05 10:49:47.83 Server Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.
  2014-11-05 10:49:47.83 Server Error: 17120, Severity: 16, State: 1.
  2014-11-05 10:49:47.83 Server SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.

• DBACOCKPIT uses MS SQL Server Agent service?

  Hello
  I am trying to make backup from DBACOCKPIT to a netowrk location.
  If i go to MS SQL SERVER AGENT and define log on by a domain user i get the error
  "Executed as user: GOLDENFOODS\kkoulis. Must declare the scalar variable "@location1". [SQLSTATE 42000] (Error 137) "
  anybody can help with the solution?
  thx

  Hello
  Yes i have created it to the location which you mention and it works fine.
  After if i go to SAP at the transaction DBACOCKPIT and try to run a FULL or LOG backup there, i have the following error:
  SQL Job information   ******************************
  Jobname:    SAP CCMS Log Backup of GDW [20110802094537-2-094537]
  Type:       TSQL
  DB-Name:    GDW
  For Run:    20110802  09:45:37
  Job history information  *****************************
  Stepname:   CCMS-step 1
  Command:    declare @exeStmt nvarchar(2000) exec gdw.sap_backup_databases @dbList=
              "GDW",@r3Db="GDW",@bDev="@FisticLOG2",@expDays= 27,@jobName= "SAP CCMS
               Log Backup of GDW [20110802094537-2-094537]",@bkupChecksum="N",@bkupC
              ompress="N",@bkupType="L",@nativeBkup="N",@exeDate = "20110802094537",
              @bkupSim = "N",@format = 0,@init = 0,@bkupDb = "GDW",@unload = 0,@exeS
              tmt = @exeStmt OUTPUT
  Status:     (failure)
  Message:    2528
  Severity:                                                                                15
  Duration:   0  hours(s)  0  min(s) 0  sec(s)
  Last msg:   Executed as user: GOLDENFOODS\kkoulis. Must declare the scalar variabl
              e "@FisticLOG2". [SQLSTATE 42000] (Error 137)  Incorrect syntax near t
              he keyword 'with'. If this statement is a common table expression, an
              xmlnamespaces clause or a change tracking context clause, the previous
               statement must be terminated with a semicolon. [SQLSTATE 42000] (Erro
              r 319)  DBCC execution completed. If DBCC printed error messages, cont
              act your system administrator. [SQLSTATE 01000] (Error 2528).  The ste
              p failed.
                      <----
  End of Job Step History -
  >
  thx in advance

• Changing sql server service and sql server agent service startup account in SQL Server hosting SharePoint DB

  Hi 
  i have a sharepoint deployment with one SQL Server (running on VM) hosting the config DB and another SQL Server (Physical Host because VM was running out of space) to host the huge Content DBs. I need to schedule automatic backups of the Content DBs to a
  network share. For that i need to run the SQL Server Service with an account having permissions to the share as suggested in https://support.microsoft.com/kb/207187?wa=wsignin1.0
  I tried changing the logon as a service account to a domain
  account which has permissions to the Network Share and is also in local Administrators group of SQL Server and has "public and sysadmin" roles in SQL Server but that caused an issue. the SharePoint Web Application started showing a White Screen so
  I had to revert back to the default accounts i.e. NT Service\SQLSERVERAGENT and NT Service\MSSQLSERVER. I viewed the event logs . These are the types of error i got after changing the logon as a service account to a domain account
  1) Information Rights Management (IRM): Retried too many times to initialize IRM client. Cannot retry more. Retried times is:0x5.
  System
  Provider
  [ Name]
  Microsoft-SharePoint Products-SharePoint Foundation
  [ Guid]
  {6FB7E0CD-52E7-47DD-997A-241563931FC2}
  EventID
  5148
  Version
  15
  Level
  2
  Task
  9
  Opcode
  0
  Keywords
  0x4000000000000000
  TimeCreated
  [ SystemTime]
  2015-02-02T04:46:04.750899500Z
  EventRecordID
  176477
  Correlation
  [ ActivityID]
  {8FACE59C-1E17-50D0-7135-25FDB824CDBE}
  Execution
  [ ProcessID]
  6912
  [ ThreadID]
  8872
  Channel
  Application
  Computer
  Security
  [ UserID]
  S-1-5-21-876248814-3204482948-604612597-111753
  EventData
  hex0
  0x5
  2)
  Unknown SQL Exception 0 occurred. Additional error information from SQL Server is included below.
  The target principal name is incorrect.  Cannot generate SSPI context.
  System
  Provider
  [ Name]
  Microsoft-SharePoint Products-SharePoint Foundation
  [ Guid]
  {6FB7E0CD-52E7-47DD-997A-241563931FC2}
  EventID
  5586
  Version
  15
  Level
  2
  Task
  3
  Opcode
  0
  Keywords
  0x4000000000000000
  TimeCreated
  [ SystemTime]
  2015-02-02T07:01:35.843757700Z
  EventRecordID
  176490
  Correlation
  [ ActivityID]
  {50B4E59C-5E3A-50D0-7135-22AD91909F02}
  Execution
  [ ProcessID]
  6912
  [ ThreadID]
  5452
  Channel
  Application
  Computer
  Security
  [ UserID]
  S-1-5-17
  EventData
  int0
  0
  string1
  The target principal name is incorrect. Cannot generate SSPI context.

  Hi Aparna,
  According to your description, you get the above two errors when scheduling backups of Content DB. Right?
  Based on those two error messages, they are related to the service principal name(SPN) for SQL Server service. Please verify the if the SPN is registered successfully. You can view it in ADSI Edit or use command line. Please see:
  http://blogs.msdn.com/b/psssql/archive/2010/03/09/what-spn-do-i-use-and-how-does-it-get-there.aspx
  When installing SQL Server, those two services below should be registered:
          MSSQLSvc/servername:1433      
          MSSQLSvc/servername
  Please check if those SPNs or duplicated SPNs exist. You can use command to reset SPN or remove duplicated SPN and add new one. See:
  Setspn.
  We have also met this issue when this SPN is registered under Administrator. Please try to register it under Computer. You can add it in ADSI Edit.
  If you have any question, please feel free to ask.
  Simon Hou
  TechNet Community Support

• How to find who has changed SQL Server Agent 'Job History' settings.

  Hi all,
  I was searching from couple of days to know is there a way to find out who has changed the SQl agent property settings.
  Like if someone unchecks the SQL Agent History settings how i can find who has done that change?
  I searched for trace flags but there is nothing related to it, i searched for system tables and views of msdb but nothing which can give this information, even didn't find any audit setting that can monitor these activities.
  My sql version is SQL Server 2008. Please throw your ides on how to track the sql agent history setting changes!!!
  Thanks In Advance!!!!
  VVinayPrasad

  Hi,
  You might be able to AUDIT the execute on that SP but its not giving exactly what has been changed... i guess you are getting what i am looking for...
  whatever the property might be changed it only shows the sp name thats it.... but not the exact sql statement executed on background
  VVinayPrasad
  First of all: It's not about me, it's about you. And it's not a might, its a given fact. I
  tested it for you.
  Second: your question was:
  >>I was searching from couple of days to know is there a way to find out
  who has changed the SQl agent property settings.
  >>Like if someone unchecks the SQL Agent History settings how i can find who has done that change?
  So please first clear up, what you really need.
  Third: instead of Auditing I already gave the advise to use Tracing (be it SQLTrace or Extended Events). Both will give you the exact statement. SQLTrace may be easier on SQL2008
  Please try all of the provided first before doing guesswork.
  Andreas Wolter (Blog |
  Twitter)
  MCM - Microsoft Certified Master SQL Server 2008
  MCSM - Microsoft Certified Solutions Master Data Platform, SQL Server 2012
  www.andreas-wolter.com |
  www.SarpedonQualityLab.com

• Scheduling SSIS packages to run using SQL Server Agent Service

  The job failed.  The Job was invoked by Schedule 11 (run package).  The last step to run was step 1 (Execute Package)". how do i resolve this?

  Most probable causes: the developer runs the package in BI studio, it works. The job is deployed and runs in a schedule.
  the sql job agent does not have same rights as the developer.
  the test in BI studio was doen in 32-bit mode , the job by default ran in 64-bit mode. some oledb-odbc drivers may not work.
  Jan D'Hondt - SQL server BI development

• SQL server agent job running as Agent Service Account whose service account does not have r/w access but is still able to write?

  Hi. I am newer to SQL server security and am reviewing some of our SQL server's configuration to make sure the services are running under accounts with least privilege.  I have a SQL server 2012 instance whose Agent service is configured to run
  under an AD user account named 'SQLServices'.  The jobs on this server are configured to run as 'SQL server agent service account', which means they should execute as user 'SQLServices'.  The jobs are set up to execute SSIS packages which read and
  write to a database on the same server where the agent job is scheduled and SSIS package installed (all on same server).  The jobs are currently executing without error and are reading writing data correctly.  Upon close examination, it turns out the
  SQLServices account is not assigned to the 'sysadmin' role and had no users mapped to any databases on this server.  How are these jobs working?  I verified in profiler that the login name indeed is 'SqlServices'.  I also verified
  that SQLServices login has no database access by remote-ing onto the server and trying to log into the DB, and access was denied as expected.  According to the literature, the Agent service needs to be a member of 'sysadmin role' but I am reading
  some cases where that is not necessarily the case.  So this is not so concerning.  What is concerning is that the login 'SQLServices' had no access to the databases on that server yet it is reading and writing to the databases as if it does. 
  The only thing I can think of is maybe jobs run as 'SQL server agent service account' on the same server as the databases it r/w to somehow has some kind of default access.  What am I missing here?  Any input would be helpful.

  After 2 days on this forum I found the answer to my own question.  In retrospect, I should have posted this under 'SQL Server Security', but I didn't know it existed.
  The 2 threads below explain that Sql agent actually runs using SID (service) NT SERVICE\SQLSERVERAGENT if you chose that when you installed.  This will automatically create an associated login NT SERVICE\SQLSERVERAGENT in SQL server with sqladmin
  role.  This is the login that Agent uses to connect to the local instance of SQL server.  If you changed to domain account to run the service during install or after using config manager, basically NT SERVICE\SQLSERVERAGENT is still
  used to connect to your local instance behind the scenes (even though you will still see your domain user as account), and the domain account is used to reach outside the server. 
  https://social.msdn.microsoft.com/Forums/sqlserver/en-US/9e6bb2de-8fd0-45de-ab02-d59bbe05f72e/servicedatabase-accounts-nt-servicemssqlserver-nt-servicesqlserveragent-what-are-they-for
  https://social.technet.microsoft.com/Forums/sqlserver/en-US/b83a52fd-fe11-4c28-a27b-88be8ae79f2a/how-do-i-change-sql-server-agent-service-account-to-nt-servicesqlserveragent?forum=sqlsecurity

• SSIS Package Fails when Scheduled as a SQL Server Agent Job

  I have an SSIS package that runs without any problems when executed through BIDS.
  However, when I schedule the SSIS as an Agent job, it fails completely or part way through. When it partially runs, the part that it is failing on is a Script Task that moves the source data file to an archive folder (on the same server).
  I have tried using my domain account as the owner of the job, then the job fails straight off and I get an error:
  Unable to determine if the owner (Domain\MyID) of job JobName has server access (reason: Could not obtain information about Windows NT group/user 'Domain\MyID'
  If I change the owner to the 'sa' account , then the job partially runs, but then fails because 'sa' is a SQL account and does not have access to the filesystem.
  I have managed to get it to work by using the SQL2008_Local account and granting modify permissions to the affected folders.
  My question is - what is the advised way of doing this?
  Thanks
  Gary

  Hi Garyv.King,
  When you see a SSIS package fails running in a SQL Agent job, you need to first consider the following conditions:
  1. The user account that is used to run the package under SQL Server Agent differs from the original package author.
  2. The user account does not have the required permissions to make connections or to access resources outside the SSIS package.
  For more detailed information about the issue, please following this KB article:
  An SSIS package does not run when you call the SSIS package from a SQL Server Agent job step
  http://support.microsoft.com/kb/918760 
  You can check SQL Server Agent’s activity logs, Windows Event logs and SSIS logs to get more clues. Also the tool Process Monitor is helpful to track the cause of registry or file access related issues.
  The following 4 issues are common encountered in the SSIS forum.
  1. The package's Protection Level is set to EncryptSensitiveWithUserKey but your SQL Server Agent service account is different from the SSIS package creator.
  2. Data source connection issue.
  3. File or registry access permission issue.
  4. No 64-bit driver issue.
  For more information about it, please see:
  How do I troubleshoot SSIS packages failed execution in a SQL Agent job:
  http://social.technet.microsoft.com/Forums/en-US/sqlintegrationservices/thread/e13c137c-1535-4475-8c2f-c7e6e7d125fc 
  Thanks,
  Eileen

• Not able to run the SSIS package in SQL Server Agent Job in SQL 2012

  Hi,
  I scheduled a job (SQL SERVER AGENT) which will call my SSIS package. This package will execute 5 packages in loop.
  When I execute this job I am getting error as below
  ============================================================
  Started  : 12:30:19 PM 
  Error  : 2014-01-23 12:30:20.37    
  Code  : 0xC00220EC    
  Source  : Execute Package Task     
  Description : Error 0x80070005. Failed to create an instance of empty child package.
      The Distributed Component Object Model (DCOM) configuration or the installation of SQL Server Integration Services,
      may be corrupted on your machine.  End Error 
  Error  : 2014-01-23 12:30:20.37    
  Code  : 0xC00220DE    
  Source  : Execute Package Task     
  Description : Error 0x80070005 while loading package file "D:\SSIS\RetailMobileApp\Staging_Pkg\stg_Category_Master.dtsx". Access is denied.End Error 
  DTExec  : The package execution returned DTSER_FAILURE (1). 
  Started  : 12:30:19 PM 
  Finished : 12:30:20 PM 
  Elapsed  : 1.123 seconds. 
  The package execution failed. 
  The step failed.
  ============================================================
  In the STEPS I have selected as follows:
  Type  : SQL Server Integration Services Package
  Run as: SQL Server Agent Service Account
  Package Source: File System
  What config I need to check here ? This job is not able to access the package stored in the folder.
  Sridhar

  Thanks for your reply. I had created credentials and used this while creating the Proxy account. With the Proxy account I am able to execute the Job Successfully. Concern here is I used my NT account to create this Proxy. Suppose If I left from the
  current project if some one is coming to this project later they need to change the credential with their NT account and run the JOB? Is this right way or we an create any other account in common? If so how?
  Sridhar

• SQL Server Agent job between 2 instances fails with Error 18456 - Login Failed for user

  Hi,
  SQL Server version: 2012 EE
  OS: Windows 2008 R2 Enterprise
  In my server, i have 2 instances, and I am trying to configure a SQL Server Agent job to query one table in Instance A, and insert some modified data in Instance B, both in the same server.
  When i execute the job in instance A, i get the following error:
  Executed as user: NT SERVICE\SQLSERVERAGENT. Login Failed for user "NT SERVICE\SQLSERVERAGENT". [SQLSTATE 28000] (Error 18456). The step failed.
  I have already configure instance A as Master and disabled encryption, by changing the parameter MsxEncryptChannelOptions to 0 in regedit. I've also made my target instance (instance B) as a Target.
  What am i missing?
  Thanks for your attention and pacience

  Hello,
  The NT SERVICE\SQLSERVERAGENT (virtual) account is not available on the other as you just mentioned. That is the reason for the login
  failed error. Try using a Windows login as the
  SQL Server Agent service account in both servers, the same Windows login (not a virtual account), and run jobs as the “sa” account.
  http://msdn.microsoft.com/en-us/library/ms345578.aspx
  You can also try a proxy account.
  http://technet.microsoft.com/en-US/library/ms190698(v=SQL.105).aspx
  Hope this helps.
  Regards,
  Alberto Morillo
  SQLCoffee.com