none
sql server 无法以local service和network service启动 RRS feed

  • 问题

  • 用local system可以启动,但是用local service和network service启动就有WMI provider error,提示:找不到对象和属性
    log如下:


    2009-12-16 12:10:28.29 Server      Microsoft SQL Server 2008 R2 (CTP) - 10.50.1352.12 (Intel X86) 
    	Oct 30 2009 18:22:17 
    	Copyright (c) Microsoft Corporation
    	Express Edition with Advanced Services on Windows NT 5.1 <X86> (Build 2600: Service Pack 3)
    
    2009-12-16 12:10:28.29 Server      (c) Microsoft Corporation.
    2009-12-16 12:10:28.29 Server      All rights reserved.
    2009-12-16 12:10:28.29 Server      Server process ID is 3148.
    2009-12-16 12:10:28.29 Server      Authentication mode is WINDOWS-ONLY.
    2009-12-16 12:10:28.29 Server      Logging SQL Server messages in file 'C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Log\ERRORLOG'.
    2009-12-16 12:10:28.29 Server      This instance of SQL Server last reported using a process ID of 3848 at 2009-12-16 12:10:22 (local) 2009-12-16 4:10:22 (UTC). This is an informational message only; no user action is required.
    2009-12-16 12:10:28.29 Server      Registry startup parameters: 
    	 -d C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\DATA\master.mdf
    	 -e C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Log\ERRORLOG
    	 -l C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\DATA\mastlog.ldf
    2009-12-16 12:10:28.31 Server      SQL Server is starting at normal priority base (=7). This is an informational message only. No user action is required.
    2009-12-16 12:10:28.31 Server      Detected 2 CPUs. This is an informational message; no user action is required.
    2009-12-16 12:10:28.78 Server      Using dynamic lock allocation.  Initial allocation of 2500 Lock blocks and 5000 Lock Owner blocks per node.  This is an informational message only.  No user action is required.
    2009-12-16 12:10:28.84 Server      Node configuration: node 0: CPU mask: 0x00000003:0 Active CPU mask: 0x00000003:0. This message provides a description of the NUMA configuration for this computer. This is an informational message only. No user action is required.
    2009-12-16 12:10:28.85 spid7s      Starting up database 'master'.
    2009-12-16 12:10:28.90 spid7s      Recovery is writing a checkpoint in database 'master' (1). This is an informational message only. No user action is required.
    2009-12-16 12:10:28.93 spid7s      FILESTREAM: effective level = 0, configured level = 0, file system access share name = 'SQLEXPRESS'.
    2009-12-16 12:10:28.95 spid7s      SQL Trace ID 1 was started by login "sa".
    2009-12-16 12:10:28.95 spid7s      Starting up database 'mssqlsystemresource'.
    2009-12-16 12:10:28.96 spid7s      The resource database build version is 10.50.1352. This is an informational message only. No user action is required.
    2009-12-16 12:10:29.12 spid10s     Starting up database 'model'.
    2009-12-16 12:10:29.12 spid7s      Server name is 'HUDW\SQLEXPRESS'. This is an informational message only. No user action is required.
    2009-12-16 12:10:29.13 spid7s      Informational: No full-text supported languages found.
    2009-12-16 12:10:29.13 spid7s      Starting up database 'msdb'.
    2009-12-16 12:10:29.16 Server      Error: 17190, Severity: 16, State: 1.
    2009-12-16 12:10:29.16 Server      Initializing the FallBack certificate failed with error code: 1, state: 1, error number: -2146893802.
    2009-12-16 12:10:29.16 Server      Unable to initialize SSL encryption because a valid certificate could not be found, and it is not possible to create a self-signed certificate.
    2009-12-16 12:10:29.16 Server      Error: 17182, Severity: 16, State: 1.
    2009-12-16 12:10:29.16 Server      TDSSNIClient initialization failed with error 0x80092004, status code 0x80. Reason: Unable to initialize SSL support. Cannot find object or property.
    
    2009-12-16 12:10:29.16 Server      Error: 17182, Severity: 16, State: 1.
    2009-12-16 12:10:29.16 Server      TDSSNIClient initialization failed with error 0x80092004, status code 0x1. Reason: Initialization failed with an infrastructure error. Check for previous errors. Cannot find object or property.
    
    2009-12-16 12:10:29.16 Server      Error: 17826, Severity: 18, State: 3.
    2009-12-16 12:10:29.16 Server      Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.
    2009-12-16 12:10:29.16 Server      Error: 17120, Severity: 16, State: 1.
    2009-12-16 12:10:29.16 Server      SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.
    

    请高手指点~

    2009年12月16日 4:12

答案

  • SQL Server中启动帐户分两类:1.内建帐户(Local System,Local Service,Network Service)  
                                                   2.指定帐户(Domain Account)

    在此简要说明一下内建帐户的使用: Local System具有最高的讯问控制权限,可以对本机磁盘上的任何文件系统进行操作,权限较高,风险较大,可以作为任意服务的启动帐户
                                                        Local Service具有于指定帐户相同的权限,但是较Local System权限较低,可以用于SQL Agent的启动帐户,但是不可以做为
                                                                              SQL Server DataBase Engine的启动帐户

                                                        Network Service权限介于毅两者之间,可以做为最佳的Windows NT帐户认证 下的SQL Server启动帐户使用
                                                       
    2009年12月18日 3:17

全部回复

  • Sql service account needs certain user rights on the server, ensure account you use has those rights. By the way, why you want to start sql with those accounts?
    2009年12月16日 4:17
  • 我用的是windows xp sp3,该如何设置用户访问权限?
    感觉用local system,权限太大,所以想用service。倒是没有别的考虑
    2009年12月16日 4:19
  • Set user rights in administrative tools -> local security policy.
    2009年12月16日 4:24
  • 没看懂本地安全策略里的内容:(
    更正一下:network service可以启动,只是local service不行。
    感谢rmiao的帮助。
    2009年12月16日 4:30
  • 用 sql server 的服务配置管理工具去改启动帐号, 这个工具会自动授予你分配的服务用户适宜的权限.
    2009年12月16日 4:38
  • 建议 使用 network service,它的权限会很低而且具有网络访问权限


    Jeffrey
    2009年12月16日 7:20
  • SQL Server中启动帐户分两类:1.内建帐户(Local System,Local Service,Network Service)  
                                                   2.指定帐户(Domain Account)

    在此简要说明一下内建帐户的使用: Local System具有最高的讯问控制权限,可以对本机磁盘上的任何文件系统进行操作,权限较高,风险较大,可以作为任意服务的启动帐户
                                                        Local Service具有于指定帐户相同的权限,但是较Local System权限较低,可以用于SQL Agent的启动帐户,但是不可以做为
                                                                              SQL Server DataBase Engine的启动帐户

                                                        Network Service权限介于毅两者之间,可以做为最佳的Windows NT帐户认证 下的SQL Server启动帐户使用
                                                       
    2009年12月18日 3:17
  • System accounts are not only for sql service.
    2009年12月18日 3:23