We have a set of client servers which will include a SQL Server 2000 active/passive cluster attached to a SAN. We have all the equipment here (no attachment to client site) to configure. My worry is since it will have to be setup as a workgroup, and then shipped to client to add to their domain, is this a doable option. has anyone had to do this or tried this? Or would we be better off shipping whole thing to client and setting up cluster there?
My company has a large-ish website and we are migrating to new servers. There will be a web server (accessible to the world) backed by a SQL Server 2005 Standard server (only accessible by the web server and through VPN/Remote Desktop to administrators and our internal network). We can either put the database server (which is not in a cluster) on our domain or leave it in a workgroup. My first thought is leave it in a workgroup simply for security and reliability (i.e. if the DC goes down or loses connectivity), but people here are disagreeing with me.
Should I put the database server (which is not used internally at all) on the domain or leave it in a workgroup?
My company has a large-ish website and we are migrating to new servers. There will be a web server (accessible to the world) backed by a SQL Server 2005 Standard server (only accessible by the web server and through VPN/Remote Desktop to administrators and our internal network). We can either put the database server (which is not in a cluster) on our domain or leave it in a workgroup. My first thought is leave it in a workgroup simply for security and reliability (i.e. if the DC goes down or loses connectivity), but people here are disagreeing with me.
Should I put the database server (which is not used internally at all) on the domain or leave it in a workgroup?
Hi have a small network setup and have MS sql server on workstation.Can access it locally but cannot access it from other work stations.I am assuming it is some sort of logon error, being it is not adomain. Any ideas on getting by this ?
In the following scenario, I am getting the message 'Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection'.
I am running a Windows Server 2003 with development environment and Sql Server Management Studio in a workgroup on a virtual PC.
My SQL Server 2000 is running on a domain server.
On the virtual Pc I have setup my user login and password to be the same as my domain login and password. Why is the Management Studio not using impersonation and allowing me to connect to the SQL server on the domain?
For the past couple of days, I have been trying to get my SQL Server to work with Distributed Views. I am created linked servers, linked server logins, set XACT Abort ON.
I am successful in running a select against the distributed view, but was unable to run an "INSERT"
When I try a simple insert, the query took 3:14 minutes. Then I get an error message like:
Server: Msg 7391, Level 16, State 1, Line 1 The operation could not be performed because the OLE DB provider 'SQLOLEDB' was unable to begin a distributed transaction. [OLE/DB provider returned message: New transaction cannot enlist in the specified transaction coordinator. ] OLE DB error trace [OLE/DB Provider 'SQLOLEDB' ITransactionJoin::JoinTransaction returned 0x8004d00a].
I have checked that MSDTC is running and configured under a domain account on both machines - running sQL 2000 and win2K
I have been unsuccessful still after tinkering for several days. I have checked my network configurations and noticed that when I try to ping the other machine by name, I don't get a response. I can only get a response to a ping when I enter the IP address directly.
Could this be a problem? Also, I noticed that for some strange reason, whenever I ping from either machine it is showing an external IP - always the same one no matter which computer name I try to ping. Something like 209.xxx.xxx.xxx instead of the 192.xxx.xxx.xxx that I expect.
Finally, I thought that problem was possibly due to incorrect Active Directory configuration. I tried to remove both machines from the domain by changing them to a workgroup "TEST" instead of the domain.
When I restarted the PC, I am unable to start SQL Server. It shows the Red Stop sign. When I try to start it, it gives an error like: Service could not start because one or more dependencies failed.
When I add the machine back to the domain, SQL server starts working on reboot.
This question is regarding a brand new out-of-the-box SQL Server 2005 Workgroup Edition install. The old SQL Server 2000 server is working properly with regard to the issue we're having:
We are using Windows Authentication, and have created SQL logins for about
40 different groups on our domain. We've given those logins the appropriate
permissions on the databases they're supposed to be able to access. The SQL Server is not a domain controller, but is a member of the domain, and domain logins do work for Windows-login purposes on this box.
The problem is that when users try to connect to the SQL server, they are denied access. An error 18456 is thrown, and logged in the Application event log
stating "Login failed for user OURDOMAIN heuser" (example values). The
domain user is properly a member of group added as a login to SQL Server, and we've confirmed that there are not conflicting permissions that would deny those
users access via another route. These same groups are working fine on the SQL Server 2000 box.
This is only a problem for domain-based groups. If we create a local group
on the SQL server machine, through Computer Management -> Local Users and
Groups, then make the same domain users a member of THAT group, and finally then follow the same process to add that local group to SQL Server Logins and set
the database privileges, it works!!
Our group memberships change frequently, and are used for a lot more than
just SQL server permissions. So, using local groups and maintaining
membership in both places is not really feasible. Any ideas why a local
machine group containing domain user accounts would work fine, but a domain
I have been asked to move a system running MS SQL 2000 Server from a workgroup to a domain. The SQL server is running in SQL Authentication and the services are running as local system.
Will SQL Server break after the move?
Any advice will help. I thought I remember this being the case, but possibly only with Windows Authentication.
I have a quick question regarding domains and workgroups.
Currently I am working on an issue in the office of a small business. Right now there are 3 client computers that connect to a dell server running windows std. server 2003. The server has sql running on it that takes care of the invoicing system. Two out of the three work stations are able to use the database fine, but there is one that is unable to connect to the database. The only different that I could find is that the two workstations that DO work are currently set to use a workgroup, whereas the one workstation that does NOT work is set to use a domain...... I tried switching that computer to workgroup, but then I was unable to login as the normal user that I had always logged in as before.....
What can I do to solve this dilemma?
Any help would be greatly appreciated!
I apologize if this is the wrong forum for this, and if it is, if someone would point me to the correct one I would appreciate it.
I am trying to set up replication (transactional with updates) from a 2-node Active/Passive SQL Server 2005 Cluster to a SQL Server 2005 server in a Workgroup. When configuring the Snapshot Agent, Log Reader Agent and Queue Reader Agent from the Publisher (Cluster) we are advised not to use the SQL Server Agent Service Account for security reasons. When I specify a Domain Account I get an "unknown security error" staring the snapshot agent. When I select the option to run under the service account all works well. Strange thing is when I specify the service account I still get the "unknown security error" message. Anyone got any ideas?
I'm trying to establish connection between two SQL servers, one on a Domain and one on a Workgroup. When I log as the local administrator to the Domain machine, everthing is fine and both machines can register each other (both machines have the same local admin user name & password.) When I log back into the Domain on the Domain machine, I cannot register the Workgroup server but I can register Domain server from the Workgroup server. Putting the Workgroup machine on my Domain won't work because I'm going to be using a firewall. Do I need to set up another domain for the Workgroup machine and configure a trust on the Domain machine? Any suggestions?
in this computer sqlserver express edition is installed, i want to remove this express becoz in configuration manager it show two SQLSERVER'S are running. when i browse from COMPUTER - 2 for network servers it show server name as HASH/SQLEXPRESS, but not the main SQLSERVER.
COMPUTER -2
IP::::129.100.100.142
COMPUTER NAME::: FEROZ
MEMBER OF WORKGROUP
can anyone help me how to connect these two computers and remove this express edition
I know it's not possible, I've read the KBs. But I don't understand why not - from my testing, it looks like the only things that break are the domain groups to which the service logins are added. The service logins can be changed, as can the IPs, and SQL starts up just fine. The only problem is the domain groups.
I saw this KB:
http://support.microsoft.com/?kbid=910708
which says this:
After you install a SQL Server 2005 failover cluster, you can change the service accounts, but you cannot change the domain groups. If you want to use different domain groups, you must uninstall and then reinstall SQL Server 2005.
But it doesn't elaborate, it just says that the groups cannot be changed. Why not? That seems silly to me - it's not just a line in a config file somewhere? Can someone please give me a good reason why the groups cannot be changed?
A Microsoft cluster, (SQL Failover cluster) with one node as the domain controller. The cluster was built off site and the domain name used is the same as our existing domain where we eventually need to install this cluster.
We need: (At least I think we need:)
To remove node 2 from the "cluster domain", DCPROMO node 1 and eliminate the "cluster domain". We then need to join the cluster (nodes) to the existing domain. We also need to recreate the accounts/groups used during installation.
Questions:
1) What adverse impact will the removal of the "cluster domain" have on the security groups/accounts used in the installation?
2) Will I have to re-install SQL 2005?
3) Is my paranoia real or imagined? (Will Elvis live?) Am I on the right track or totally off base?
Any prior experience with this would be greatly appreciated. In fact, a WAG is appreciated too.
We have 2 node sql 2012 cluster and we have a scenario where domain,IPs,Hostanmes and SQL network name are changing.
1> Can SQL cluster role be brought online by changing the sql network name and its IP once windows team reconfigure the OS cluster or there will be any challenges.
2>should I uninstall sql cluster on both nodes then windows will destroy OS cluster and they then they need to change IP,hostname and domain and then fresh installation of sql cluster
I would like to install SQL server 2005 cluster on Windows 2003 cluster. Is domain controller (AD and DNS) necessary for the SQL server 2005 cluster? If yes, may I install it on one of the SQL server 2005 cluster nodes? Thanks in advance
I have DBA that is convinced that they need domain admin rights to install SQL 2005 into an existing cluster. The domain groups and service accounts for SQL have been created already. Is having domain admin rights required during the install of SQL 2005 in a cluster?
I'm totally stuck on this issue and would really appreciate any advice. Here's what's going on...
I'm trying to install SP2 on a SQL 2005 Std x64 cluster and all the components upgrade except the DB Engine, which fails with this error saying the domain group (not the service account) could not be validated for the full-text search service.
I've rebooted both nodes. I've verified that the domain group exists. I even removed the full text search component and I still get the same error.
I've reviewed this: http://support.microsoft.com/kb/915846 But the ftsgroup registry value mentioned does not exists. I assume it only shows up after sp2 is installed.
Interestingly, I couldn't uninstall full-text search unless I passed the FTSCLUSTERGROUP parameter to the setup.exe command line remove command.
The OS is Windows Server 2003 Ent x64 SP2. Not a domain controller. I'm upgrading from the RTM version of SQL Server.
I've posted the relevant parts of the summary and log files below.
Thanks in advance for any ideas!
- Chris
-------------------------------------
Summary.txt ==========
Product : Database Services (MSSQLSERVER) Product Version (Previous): 1399 Product Version (Final) : Status : Failure Log File : C:Program FilesMicrosoft SQL Server90Setup BootstrapLOGHotfixSQL9_Hotfix_KB921896_sqlrun_sql.msp.log Error Number : 28130 Error Description : MSP Error: 28130 A domain group is missing for one or more services. To install SQL Server 2005 as a failover cluster, domain groups must be specified for all the clustered services being installed .To proceed, enter the missing domain group information. The domain group cannot be validated for the service Full-Text Search.
Failed to validate group name for FTSCLUSTERGROUP. Error 87 Error Code: 0x80070057 (87) Windows Error Text: The parameter is incorrect. Source File Name: sqlcadomaingroupdialog.cpp Compiler Timestamp: Sat Oct 7 09:43:40 2006 Function Name: validateSetDomainGroups Source Line Number: 484
MSI (s) (A8!98) [12:17:17:610]: Transforming table Error. MSI (s) (A8!98) [12:17:17:610]: Note: 1: 2262 2: Error 3: -2147287038 MSI (s) (A8!98) [12:17:17:610]: Transforming table Error. MSI (s) (A8!98) [12:17:17:626]: Transforming table Error. MSI (s) (A8!98) [12:17:17:626]: Note: 1: 2262 2: Error 3: -2147287038 MSI (s) (A8!98) [12:17:17:626]: Transforming table Error. MSI (s) (A8!98) [12:17:17:626]: Note: 1: 2262 2: Error 3: -2147287038 MSI (s) (A8!98) [12:17:17:626]: Transforming table Error. MSI (s) (A8!98) [12:17:17:626]: Note: 1: 2262 2: Error 3: -2147287038 Error Code: 87 MSI (s) (A8!98) [12:17:17:626]: Transforming table Error. MSI (s) (A8!98) [12:17:17:626]: Note: 1: 2262 2: Error 3: -2147287038 MSI (s) (A8!98) [12:17:17:642]: Transforming table Error. MSI (s) (A8!98) [12:17:17:642]: Transforming table Error. MSI (s) (A8!98) [12:17:17:642]: Note: 1: 2262 2: Error 3: -2147287038 MSI (s) (A8!98) [12:17:17:642]: Transforming table Error. MSI (s) (A8!98) [12:17:17:642]: Note: 1: 2262 2: Error 3: -2147287038 MSI (s) (A8!98) [12:17:17:642]: Transforming table Error. MSI (s) (A8!98) [12:17:17:642]: Note: 1: 2262 2: Error 3: -2147287038 MSI (s) (A8!98) [12:17:17:642]: Product: Microsoft SQL Server 2005 (64-bit) -- Error 28130. A domain group is missing for one or more services. To install SQL Server 2005 as a failover cluster, domain groups must be specified for all the clustered services being installed .To proceed, enter the missing domain group information. The domain group cannot be validated for the service Full-Text Search.
Error 28130. A domain group is missing for one or more services. To install SQL Server 2005 as a failover cluster, domain groups must be specified for all the clustered services being installed .To proceed, enter the missing domain group information. The domain group cannot be validated for the service Full-Text Search. <EndFunc Name='LaunchFunction' Return='87' GetLastError='0'> MSI (s) (A88) [12:17:17:642]: Transforming table InstallExecuteSequence. MSI (s) (A88) [12:17:17:642]: Note: 1: 2262 2: InstallExecuteSequence 3: -2147287038 MSI (s) (A88) [12:17:17:658]: Transforming table InstallExecuteSequence. MSI (s) (A88) [12:17:17:658]: Transforming table InstallExecuteSequence. MSI (s) (A88) [12:17:17:658]: Note: 1: 2262 2: InstallExecuteSequence 3: -2147287038 MSI (s) (A88) [12:17:17:658]: Transforming table InstallExecuteSequence. MSI (s) (A88) [12:17:17:658]: Note: 1: 2262 2: InstallExecuteSequence 3: -2147287038 MSI (s) (A88) [12:17:17:658]: Transforming table InstallExecuteSequence. MSI (s) (A88) [12:17:17:658]: Note: 1: 2262 2: InstallExecuteSequence 3: -2147287038 Action ended 12:17:17: Validate_ServiceAccounts.3EA9D9BF_D9D2_4023_B2A7_9E2137B2FB1B. Return value 3. Action ended 12:17:17: INSTALL. Return value 3. Property(S): ProductCode = {26F1A218-3158-4107-B3A6-37FD61CEE969} Property(S): ProductLanguage = 1033 Property(S): Manufacturer = Microsoft Corporation Property(S): ProductVersion = 9.2.3042.00
-A "master domain" AD, a "sub domain" AD, a trust relationship between the two (sub trust master) -A sql server 2005 on a win server 2003 in "sub domain" AD -A linked server to "sub domain" AD -A linked server login using a "sub domain" admin acccount -A view to this linked server -A grant on masterDomain/Domain Users to the database -A grant on subDomain/Domain Users to the database -We want all connections done through "Windows Authentication" not "Database Authentication".
Queries on the view work fine using "sub domain" user accounts. Queries on the view fail using "master domain" user accounts (including master domain admin accounts)
"Msg 7399, Level 16, State 1, Line 1
The OLE DB provider "ADsDSOObject" for linked server "ADSI" reported an error. The provider indicates that the user did not have the permission to perform the operation."
All connections are done through "Windows Authentication" not "Database Authentication".
Can we establish cross domain connectivity with "Windows Authentication" ?
Below are details of the implementation:
SELECT TOP (100) PERCENT * FROM OPENQUERY(ADSI, 'SELECT displayname, givenName, sn, cn (etc...) FROM ''LDAP://OU=PEOPLE,DC=subDomain,DC=com'' WHERE objectCategory = ''Person'' AND objectClass = ''user'' ')
In SQL Server Mngt Studio in Server Objects/Linked Servers/Providers/ ADSI properties security tab I have:
"connections will: <be made using this security context> Remote login:'subDomainAdminAccnt' With password: 'subDomainAdminAccntPassword'
Error: Msg 7399, Level 16, State 1, Line 1
The OLE DB provider "ADsDSOObject" for linked server "ADSI" reported an error. The provider indicates that the user did not have the permission to perform the operation.
Msg 7320, Level 16, State 2, Line 1
Cannot execute the query "SELECT displayname, givenName, sn, cn
FROM 'LDAP://OU=PEOPLE,DC=subDomain,DC=com'
WHERE
objectCategory = 'Person'
AND objectClass = 'user'
" against OLE DB provider "ADsDSOObject" for linked server "ADSI".
After using ADMT to migrate the domain user or group into the root domain, when I use enterprise manager to try and change the permissions allocated to that domain user/group, i get the 'Error 15401 NT user or Group not found'.
This is a correct error as the user is now in the root domain, however sql (in sysxlogins) still thinks its in the child domain.
Is there a simpler way, other than collecting the users permissions, deleting the user from SQL then adding back in with the correct domainusername format, then adding the permissions back?
I tried renaming the 'name' in sysxlogins (not recommended) and while that worked, whenever I tried to add the migrated user to another database, the login name was missing and would not resolve.
I believe it is something to do with the SID not matching.
we recently migrated from our in-house domain to the Enterprise domain. Everything went smooth except for the fact that I can no longer accept my dBs using my SA or my domain admin account. There is only 1 account I can get into the management studio with but it has no admin privileges, so I can't make any password changes or add accounts. I don't have a test environment so kind of hesitant to experiment with our production system.
I'm trying to run a test from my test environment which is a non-domain Windows 2000 server to access my domain 2003 with SQL2005. I have install 2005 tools to try to access the SQL server.
- I have try following the KB265808 - no success. - Reading alot of blogs and it seems all are pointing to the same problem. "Remote access" but the settign is enabled.Error Message:
TITLE: Connect to Server ------------------------------
An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) (Microsoft SQL Server, Error: 53)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&EvtSrc=MSSQLServer&EvtID=53&LinkId=20476
Question: Could Windows 2003 security be blocking access? I'm using sa account to access.
Also, sa account does not seems to work for remote access. It is ok when accessing locally.
During the installation of Adding node to a SQL Server failover cluster(On passive node) getting error like.. The MOF compiler could not connect with the WMI server. This is either because of a semantic error such as an incompatibility with the existing WMI repository or an actual error such as the failure of the WMI server to start.We run the below commands but didn’t get any resolution & got the same above error .
1<sup>st</sup> Method…
1. Open console command (Run->CMD with administrator privileges).
2. net stop winmgmt
3. Rename folder %windir%System32WbemRepository to other one, for backup purposes (for example _Repository).
I am in the process of moving databases from a SQL 2005 Standard version to a 2-node 2014 cluster.All of my 2005 databases back up successfully.They all restore without issue except for one database that has a full text catalog. I get this message
Msg 7610, Level 16, State 1, Line 2 Access is denied to "fileStoragedataMSSQLSERVERFullTextCatalog", or the path is invalid. Msg 3156, Level 16, State 50, Line 2 File 'sysft_FTCatalog' cannot be restored to 'fileStoragedataMSSQLSERVERFullTextCatalog'. Use WITH MOVE to identify a valid location for the file. Msg 3119, Level 16, State 1, Line 2 Problems were identified while planning for the RESTORE statement. Previous messages provide details. Msg 3013, Level 16, State 1, Line 2 RESTORE DATABASE is terminating abnormally.
[code]....
I went as far as giving the folder full access to everyone temporarily and received the same error.
Can I build a cluster by adding the cluster service, then the SQL instances, then add the other nodes and their passive SQL instances?I would lean to building the cluster first, the add the SQL instances.
I have following script which i am planning to run to drop all non-clustered primary keys on a database and then created as clustered. I am using someone else's script so don't know how to modify this. Some of primary key columns are used in references in other tables.
is there anyway i can drop the existing primary keys and using their original script then create again as clustered including restoring all foreign and reference keys and unique or no unique.
DECLARE @table NVARCHAR(512), @tablename NVARCHAR(512), @sql NVARCHAR(MAX), @sql2 NVARCHAR(MAX), @sql3 NVARCHAR(MAX), @column NVARCHAR(MAX); DECLARE @indexname NVARCHAR(512); SELECT name As 'Table'
We are planning to change all IPs of PRODUCTION Failover Cluster Setup. In my cluster setup ... we have 2 Physical Nodes with windows-2008, Roles are MSDTC and SQL-2008R2.
IP change for:
1. Both Nodes(Physical) 2. MSDTC 3. SQL Server 4. windows Cluster
So Almost... All IPs are going to change.
Im DBA here, I need to take care of SQL cluster and MSDTC. But I haven't performed this activity before.So I'm worrying about Impacts and consequences of this change. steps how should I perform this activity.
Hi all,it happen to me a strange problem:i have a mdb file (in Access 2K) with SQL Server 2K linked tables whoruns on a workstation which is on a different domain that the SQLServer. It works.If i create a mdb file from a workstation which is a the domain of theSQL Server and then i run it a my non-domain workstation i have errormessage:Login failed for user '(null)'. Reason: Not associated with a trustedSQL Server connectionBut if i reattached my tables it works.If someone have an idea....PS: same ODBC on both machines
We have many tables which have cluster index on column with datatype 'Char(200)'. Does anyone have script to change cluster index to noncluster for all user tables which have clustered index on a column with 'char(200)' datatype.
