Need Help! About SQLServerAgent Account In Repl...
Aug 9, 2000
When I using Create Publication Wizard for database 'MY DATABASE', and setup 'MY SERVER' as the Distributor, then I get a message:
SQLServer Agent on 'MY SERVER' current uses a system acount, which cause replication between servers to fail. In the following dialog, specify a domain account for the Service startup account.
I don't understand this message (current in SQL Server Agent properties, tab Service startup account using System account)? Anyone can explain to me?
Hi there,BOL notes that in order for replication agents to run properly, theSQLServerAgent must run as a domain account which has privledges to loginto the other machines involved in replication (under "SecurityConsiderations" and elsewhere). This makes sense; however, I waswondering if there were any repercussions to using duplicate localaccounts to establish replication where a domain was not available.Anotherwords, create a local windows account "johndoe" on both machines(with the same password), grant that account access to SQL Server onboth machines, and then have SQL Server Agent run as "johndoe" on bothmachines. I do not feel this is an ideal solution but I havecircumstances under which I may not have a domain available; mypreliminary tests seem to work.Also, are there any similar considerations regarding the MSSQLSERVERservice, or can I always leave that as local system?Dave
I recently installed SQL Server 2005 and setup a database for one of the systems that I support as a DBA. After installation and the system, which has remote developers, was tested successfully, our security group performed a security scan on the SQL server. The scan revealed a few potential vulnerabilities. Below are the questionable items that the scan identified within the Windows User Rights Assignment. I believe the SQL Server installation assigns these system privileges to the SQLServer and SQLServerAgent accounts by default. I'd like to know how many, if any of these privileges, are necessary.
1) SQLServer and SQLServerAgent accounts have "Bypass Traverse Setting" privilege within Windows User Rights Assignment
2) SQLServer and SQLServerAgent accounts have "Log on as Batch Job" privilege within Windows User Rights Assignment. I realize I need this to schedule SQL Server jobs which run batch jobs and such, but any other reason to keep this privilege.
3) SQLServer and SQLServerAgent accounts have "Memory Quota" privilege within Windows User Rights Assignment
4) SQLServer and SQLServerAgent accounts have "Replace Process Token" privilege within Windows User Rights Assignment
Any guidance on this would be greatly appreciated.
During install of SQL Server 2005, we can of course use a domain account or the built-in system account for running the services. I lean toward domain for obvious reaons but would like to know a +/- to each option and why I'd choose one over the other and what consequences or limitations one may encounter if I choose one over the other.
I have been running a script in SQL Server 2000 as sa also as a Active Directory user who has administrator rights (I tested both approaches SQL Server then Windows Authentication) in Query Analyser which grants execute rights to the stored procedures within the database instance and Query Analyser does not give any errors when I run the script. I have made sure that each transaction has a go after it. I then return to Enterprise Manager, check the rights (I apply them to roles so that when we create another SQL Server user we just grant him/her rights to the role) and discover that the role has not been granted the rights. I seems to be occurring only with 2 of the procedures. Is there a known bug that might be causing this?
I have several DTS jobs that runs well as a job with my nt login account for the SQL agent service startup account, but if I use the System account they fail with this error. " Error opening datafile: Access is denied. Error source: Microsoft Data Transformation Services Flat File Rowset Provider"
The data has change access to the System account under the NT security.
Basically a dts package has been setup that pulls in data from another companies server, this data requires to be on-demand i.e individual users can pull in updates of the data when they require it.
I am using xp_cmdshell and dtsrun to pull in the data. This obviouly works fine for me as i am a member of sysadmin.
Books online quotes " SQL Server Agent proxy accounts allow SQL Server users who do not belong to the sysadmin fixed server role to execute xp_cmdshell"
So i went to the SQL Server Agent Properties 'Job System' tab and unchecked 'Non-sysadmin job step proxy account' and entered a proxy account.
The proxy account has been setup as a Windows user with local administrator privilages and even a member of the sysadmin server role - just in case.
Now when i log onto the db with my test account - a non-sysadmin - and attempt to run the stored proc to import the data i recieved the message 'EXECUTE permission denied on object 'xp_cmdshell', database 'master', owner 'dbo' '
hmm... so basically i have either misunderstood BoL or there is something not quite right in my setup.
I have search the net for a few days now and yet i can find no solution.
The problem case for transactional replication in MS SQL 7.0 is as follows: Server A (intended publisher) Server B (distributor, intended subscriber)
When configuring replication, the distributor (B) can be configured easily; the publisher (A) that uses B as its distributor will not allow for a publication to be created using either the Enterprise Manager wizards or TSQL commands. The error '627: Cannot use SAVE TRANSACTION within a distributed transaction' occurs when creating the publication.
Is it safe to change 'max text repl size (B)' on a live system while it is running with users and services running?? I'm using SQL Server 7.0 running on Windows 2000.
one week ago, for testing purpose, I set up trans repl, trans repl with updateable, snapshot repl using the same instance.
configuration is like this,
publisher and distributor are on the same server, 2 remote subscribers, one is 2000, the other is 2005.
It works OK, today I am trying to disable the replicaiton, clean up the machine. keep getting the errors:
an exception occurred while executing a T-SQL statement or batch only replicaiton jobs,or job schedules can be added, modified,dropped or viewed through replicaiton SPs could not update the distribution database subscription table, the subscription status could not be changed. changed database context to 'master',(MSSQL SERVER error 22538)
I am trying to set up a merge replication between SQL 2005 and SQL Express. When I try to apply the snapshot to the SQL Express database. I get the error "Can not access filepathSnapshot.pre due to error OS 3"
Does anyone know what OS error 3 applies to?
Also, when I try to place the snapshop in the default folder location say D:ReplicationData the create snapshot process will work. If I try to place the snapshot folder not in the default and in a UNC like this \serverIPReplicationData I get an access error. sqlAgent has access to the share, which is fully shared out. Any ideas?
I am running merge replication (SQL 2000 with SP2) with an anonymous pull subscription. The application vendor has come out with update that requires adding a table to a database. The vendor has created scripts that will add the table, as well as some stored procedures. If I apply the scripts to both servers and add the table as a new article to the publication, am I going to have to apply a snapshot of the entire database (which is very large)?
I'm in trouble again. I want to make merge replication between SS 2000 Enterprise and SS 2005 Express edition. 2000 will be publisher, 2005 will be subscriber. In addition I want to use push subsription at 2000 side, very last thing is it will be download only (I know how to make a merge rep. downloadonly, thanks god!). That's all I want to do.
I made a little search, it seems what I want can't be done automatically, using SMO or scripts is suggested. In one of other forums I saw "distibuter>=publisher>=subsriber" (refering sql server versions). Is it an incontestable truth that I cannot make SS 2000 a publisher where SS 2005 Express is subscriber?
How can I achieve my goal, isn't there anyway to make 2000 publisher for merge replication while a 2005 Express is subscriber?
Hi All, We are using SQL2000 servers with transact replication to a warmstand-by server. We are seeing the following error from the Log readeragents.Does anyone have any insight on this error?The process could not execute 'sp_MSadd_repl_commands27hp'TIA Scott B.
Hi, We're running a replicationprocess for months now, and 2 days ago it broke down, for no appearant reason I can detect. The setup is this: A SQL2K server has a publication defined on a database, consisting of several dozen tables. It is a transactional publication, running continuously. There is 1 subscriber, a SQL2005. Both servers run with Win2003 and all have the latest servicepacks. Up until 2 days ago there was hardly a problem. Then I received errormessages on being unable to load into a specific table. That table had been changed on that day, namely, 1 column was changed from CHAR(13) to CHAR(12). I do not know if this has any relation with the problem we experience. Currently the databases are structural the same. I could not get the replicationprocess to work and deleted all, publication on server1 and subscription on server2. I tried to setup a new transactional publication, which is not a problem, however, I cannot create a succesful subscription. I receive the message:
The process could not bulkcopy into table 'Tablename', where tablename is the changed table...
Again, both tables in publisher and subscruiber are the same in all respects. When I remove the offending table from the publication, the same message now with another tablename... Removing this table will result in again this message with another tablename...
I am really flabbergasted. Any idea where to look at?
We have VLDBs running on a SQL 2005 server. Some users have questioned speed and response times. When I investigated the server (W2K3) using the perfomrance monitor, I noticed an interesting questionabel result. The Repl. Pending Xacts showed 44,000,000 transactions waiting to be delived to the distribution databse. Problem is - we do not have replication tunred on on any of the db's on the box. In my research, I have not noticed anyone with a similiar issue. Does this amount of transaction take up space, or is it simply a counter that I don't have to be worried about?
one week ago, for testing purpose, I set up trans repl, trans repl with updateable, snapshot repl using the same instance.
configuration is like this,
publisher and distributor are on the same server, 2 remote subscribers, one is 2000, the other is 2005.
It works OK, today I am trying to disable the replicaiton, clean up the machine. keep getting the errors:
an exception occurred while executing a T-SQL statement or batch only replicaiton jobs,or job schedules can be added, modified,dropped or viewed through replicaiton SPs could not update the distribution database subscription table, the subscription status could not be changed. changed database context to 'master',(MSSQL SERVER error 22538)
I'll start off by saying these questions were submitted to Microsoft and no one can give us an answer without them doing a source code review. Their response was "these are internal BCP scripts that are used by SQL"....yes, I know that....that doesn't help to explain why the system created them. At this point, I don't want my compary to pay support hours for Microsoft personnel to learn what their software does. -------------------- We've had merge publication in place for several years.
Last year, we added some tables/articles to publications.
After the upgrade from SQL Server 2000 SP4 Standard to SQL Server 2005 SP2 Standard, when the snapshot was run, the system created some new files that had never existed before. Also, and more importantly, these files were only created for the articles added after the initial snapshot was created. Articles existing in the intial snapshot did not have these type of files created.
Examples of these files for a SA_MOVE table that was added to an existing publication:
The system wanted to apply these files before it would start synchronizing data so they had to be delivered to the subscriber. It appears it was the sysmergesubsetfilters_ files that it wanted to apply. These are all 0 in size and we do not have filter on(at least not as far as I know...see the addmergearticle code below).
New databases created this year that had all of the articles defined in the publication before the initial snapshot was taken did not get these additional files created, nor did the system want to try to send files to the subscriber before syncrhonization could begin.
This is an example of how an article had been cretead under SQL Server 2000 when adding a new database, before an initial snapshot is run:
We have a client that has a large (5Gb) database replicated to 13 subscribers, the publisher is Sql 2005, the subscribers are Sql Express. The publication has as few filtered articles too. I have found that after several months of continuous running Replication Monitor is taking a long time to report history on each subscriber.
Do people tend to rebuild the indexes on the system merge replication tables on production servers, or should the standard replication jobs take care of this?
I am setting up a combination of transactional and merge replicationon a very large database and do not want to apply the initial snapshotsince this would take to long. I am doing this with scripts that werepreviosly created when the database was not this big. I want to copythe publisher DB over to the Subscriber Server. Can I use theparameter @sync_type to 'none' when running the sp_addsubscription?Does anyone have any experience in doing this?Thanks in Advance for any help on this.Alan
We have had Merge Replication working for the past few months (SQL 2005 to SQL Mobile) and suddenly today the replication URL that points to the SqlCESA30.DLL does not work. I have tried re-running the SQL Mobile virtual folder wizard a few times....resetting IIS and even a re-boot...and still the URL is not available.
Is there anything that might provide some clue as to why this has unexpectedly failed?
I've been able to startup a transactional replication between 2 database for some tables that only have different table names. Now there are still some tables that not only have different names but also different column names, can this be done in the wizzard ??
I have a situation that I have discovered in our QA database that I need to resolve. When I looked at the Activity Monitor for our server, I discovered that a process is running under a domain user account for one of our .Net applications. The problem is that that domain user account has not been created as a SQL login account on the server. I am trying to figure out how someone can log in to the database server with a domain user account that has not been added to SQL Server as a login account.
Does anyone have any insight on this? I don't like the idea of someone being able to create domain account that can access the database without me granting them specific access.
What would cause this message to display or what does this mean?? "Could not start the SQLServerAgent Service, error 2186, the service is not responding to the control function"
I can't start the SQLSERVERAGENT for my sql 2k under win 2003 sp1.
SQLServerAgent could not be started (reason: SQLServerAgent cannot start because the instance of the server (MSSQLSERV) is not the expected instance (MSSQLSERVER)).
I can't find any useful information regarding this error. Any one can help?
When my system re-boots SQLServerAgent will no longer start. The following message is sent to the NT Event Log:
(Event ID 103) "SQLServerAgent could not be started (reason: Unable to connect to server; SQLServerAgent cannot start)."
Following this message are two messages from MSSQLServer that read:
(Event ID 19020) "RPC Net-Library listening on: ncalrpc:USBGRSYSTST1[WMSG0000009A.00000001]."
So is this a timing issues? Is MSSQLServer taking too long to completely start before SQLServerAgent is started? If so, is there a way (without hacking through the registry) to make the SQLServerAgent service dependant on the MSSQLServer service?
This startup issue did not exist until an application was installed on the machine that also has several services that auto-start. I noticed that many of these new services are starting at the same time the MSSQLServer service is starting.
We're running sql 7.0 sp1 and both the sqlserver service and sqlserveragent service are running under local system account. For some reason, the sqlserveragent service started failed with "error 2140" - windows nt internal error From event viewer, it saids it has some connection problem.
The sqlserver service has no problem. All knowledge base material related to 6.5 resolution. Would rebuilding the registry entry help ? I tested and rebuilding the registry did not regrant any registry permission, should it ?
wanted to start the sql server agent and i got this error : An Error 1069 - (The service did not start due to logon faliure ) occured wile performing this service operation on SQLServerAgent servcice.
I am getting the following warning message in the event viewer. I have only one schedule in sql. there is no other schedules in task scheduler or database management.
Event Type:Warning Event Source:SQLSERVERAGENT Event Category:Job Engine Event ID:208 Description: SQL Server Scheduled Job 'Transaction Log Backup Job for DB Maintenance Plan 'DB Maintenance Plan1'' (0xD25A4CDDD1C59E48B4D28F61F0A411B8) - Status: Failed - Invoked on: 2004-08-16 02:30:00 - Message: The job failed. The Job was invoked by Schedule 2 (Schedule 1). The last step to run was step 1 (Step 1).
please i need your help on that sudenly me SQLserveragent stopped and when i try to start it again it give me that error: Event Type:Error Event Source:SQLSERVERAGENT Event Category:Service Control Event ID:103 Date:2/27/2006 Time:11:00:19 AM User:N/A Computer:EGDC2 Description: SQLServerAgent could not be started (reason: Unable to connect to server '(local)'; SQLServerAgent cannot start).
