locked
Login failed for user 'domain\user' RRS feed

  • Question

  • Hi All,

    My SQL Server account was deleted from AD, and re-created later. And now I get the following error "Login failed for user 'Domain\ServiceAccount'. Reason: Token-based server access validation failed with an infrastructure error. Check for previous errors. [CLIENT: <local machine>]"

    I dont see any other error in log. Do I need to set SQL Server service to use that account again using "SQL Server Configuration Manager" ???

    Thanks in Advance

    Friday, December 2, 2011 7:12 PM

Answers

  • Hi niubrother,

    You have deleted the old domain account and added a new domain account.  They have the same name but have different SIDs, because the security identifier (SID) for each account is unique.  You need update the service account.

    You can follow below step-by-step:

    1. Open SQL Server Configuration Manager.
    2. Click SQL Server Services, and then right-click SQL Server<MSSQLSERVER>, you can choose properties.
    3. Then, you should enter the account name and password for the domain user account.  Before do this, you should click the Browse, and enter the account name to make sure whether account name is in the domain, then click Ok and Apply.
    4. Finally,  you should restart your computer.  That will be ok.


    Best Regards,
    Iric
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    • Proposed as answer by Uwe RickenMVP Monday, December 5, 2011 10:34 AM
    • Marked as answer by niubrother Monday, December 12, 2011 11:33 AM
    Sunday, December 4, 2011 12:12 PM

All replies

  • Hi niubrother,

    You have deleted the old domain account and added a new domain account.  They have the same name but have different SIDs, because the security identifier (SID) for each account is unique.  You need update the service account.

    You can follow below step-by-step:

    1. Open SQL Server Configuration Manager.
    2. Click SQL Server Services, and then right-click SQL Server<MSSQLSERVER>, you can choose properties.
    3. Then, you should enter the account name and password for the domain user account.  Before do this, you should click the Browse, and enter the account name to make sure whether account name is in the domain, then click Ok and Apply.
    4. Finally,  you should restart your computer.  That will be ok.


    Best Regards,
    Iric
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    • Proposed as answer by Uwe RickenMVP Monday, December 5, 2011 10:34 AM
    • Marked as answer by niubrother Monday, December 12, 2011 11:33 AM
    Sunday, December 4, 2011 12:12 PM
  • The issue you are having yes is down to the SID changing. In your databases you have orphaned users. Once you have created the account again the issue you will have is in the databases the account previously had access to.

    Have a read of this article on identifying orphaned users and how to resolve those orphaned users so that you have the access again.

    http://msdn.microsoft.com/en-us/library/ms175475.aspx

    I hope this helps.


    Warwick Rudd
    MCT MCITP SQL Server 2008 Admin
    My Blog
    -------------------------------------------------------
    Please mark as Answered if I have answered your question
    Please vote if this was useful
    -------------------------------------------------------
    Movember is here. Show your support for Mens Health
    by making a donation here - Movember
    • Proposed as answer by Uwe RickenMVP Monday, December 5, 2011 10:34 AM
    • Unproposed as answer by Uwe RickenMVP Monday, December 5, 2011 10:35 AM
    Sunday, December 4, 2011 11:24 PM