locked
SQL Server MP RunAS Account Permissions RRS feed

  • Question

  • So I have a RunAS Account that works on 99% of my SQL Servers.  However, I get a few servers where I get repeated messages that certain databases don't have the right permissions set.  I have hit my head against the wall many times and haven't figured this one out.

    For instance, one of my databases is on our SQL Server hosting the OperationsManagerDW database.  The RunAS account has full administrator rights to the system, it is a sysadmin role for the SQL server.  I can use this account and log on and run queries directly from within the Management Studio.

    Any suggestions? 


    Kristopher Turner | Not the brightest bulb but by far not the dimmest bulb.

    Tuesday, October 1, 2013 2:42 PM

All replies

  • Can u advise the exact alert/error you're seeing?

    Have you browsed the current SQL Logs on the SQL instance for any failed login messages?   Is it occurring for ALL DB's in an instances, or only some?  If it's all and you're not seeing any failed logins in the log, then try stopping the SCOM Agent, and deleting the Agent health store folder on the box and starting the agent again as there may be some dodgy data cached with a bad connection string or old credentials.

    E.

    Wednesday, October 2, 2013 1:24 AM
  • What this repeated alert said?

    Please capture the alert detail

    Roger

    Wednesday, October 2, 2013 2:19 AM
  • Here is one of the alerts from one of the SQL servers.  This is per database not the entire SQL server.  My RunAS account works on most of the SQL servers and can read data from most databases.  This example is from my Operations manager database.

    Alert: Run As Account does not exist on the target system or does not have enough permissions

    Source: MSSQLSERVER

    Path:*******************

    Last modified by: System

    Last modified time: 10/2/2013 1:55:04 AM Alert description: Management Group: 88. Script: DiscoverSQL2012FileGroups.js : Cannot login to database [***************][MSSQLSERVER:OperationsManagerDW]

    The only thing I see in my SQL logs at that time are:

    10/2/2013  1:55:03 AM   Logon   Login failed for user 'NT Authority\System'  Reason:  Failed to open the explicitly specified database 'OperationsManagerDW' [Client:  ##.##.##.##] 

    10/2/2013  1:55:03 AM   Logon    Error:  18456, Severity: 14, State: 38  

    The above IP is my database server ip.


    Kristopher Turner | Not the brightest bulb but by far not the dimmest bulb.

    Wednesday, October 2, 2013 1:53 PM
  • Kristopher,

    Did you find solution on this issue ? I do get similar error messages on SQL server

    SCOM Agent tries to query all the databases in SQL instance every one minute, same error is logged in sql error log file.

    This logging stops immediately after stopping the System Center Management ( Health Service)

    Tuesday, December 3, 2013 6:59 PM
  • Sorry Avpati, I left that client and that was still an outstanding issue.  Although I don't recall seeing the errors after we upgraded to the newest Management pack that was released shortly after R2 was released.


    Kristopher Turner | Not the brightest bulb but by far not the dimmest bulb.

    Tuesday, December 3, 2013 7:02 PM