I'm not sure if this is a Server 2003 issue or an MSSQL issue, so pardon the cross-post.

I have created a local user called "sql-daemon" to run MSSQL 2005. At the onset, everything works fine: I can reboot the server and all SQL processes start as expected.

Then, one day, I discover that SQL is not running. I check the server and find messages in the event logs stating that various SQL services couldn't start because of an authentication issue. The solution: from Services, I track down the SQL items and retype the (unchanged) password for my sql-daemon user. The first of these returns a message that "sql-daemon has been allowed to Run as Service." Peachy.

So, my question is: What is causing my sql-daemon user to be denied permission to Run as Service?

This has happened twice since the server was brought online back in March. The first time was by complete surprise and thought a fluke. The second time was June 16 - we caught the server as it was rebooting after a critical Windows update. After it rebooted, SQL would not start as described above. We have since fixed the auto-update settings to avoid rebooting without our knowledge, but we really want to be sure that SQL will be able to start successfully next time.

Thanks for your ideas!
~ Aaron

This problem was also happening to my SQL server and I was seeing the same error in the Event Viewer after a reboot; Event ID 7041 - The MSSQLSERVER service was unable to log on as BCB\sqladmin with the currently configured password due to the following error:
Logon failure: the user has not been granted the requested logon type at this computer.

I found that the account trying to start the services was added to the local computer policy "logon as a service", but was not in the default domain policy. If you have the rights, check in there. I am not able to reboot the server at this point to test this, but will reply back next week.

Hope this helps.

Aaron, adding the user to the default domain policy "login as service" corrected my issue.

nworbm,

Wow! Glad to hear this is the solution. Now I just have to talk to the right(s) people and get my user added to the policy. Thanks for helping with this mystery.

~ Aaron

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.