Can't install SQL Server 2005 SP2: Error 29512 - Unable Add User To Local Group
There is already an EE question on this topic but my situation is different. I've also noticed at least five other posts on the web with this problem with no solutions given.
When installing SP2 for SQL Server 2005 I get this error message:
MSI (s) (E0!68) [09:02:25:673]: Product: Microsoft SQL Server 2005 (64-bit) -- Error 29512. SQL Server Setup was unable add user OUR-LAN-DOMAIN\OUR-SERVICE
The error message seems to contradict itself: it says "local group" which seems to me to mean the group on the database server itself YET the group name is prefixed with our LAN domain name. So which one is it?
Also, I'm not sure if this message means there is a problem in Active Directory or in the security model of SQL Server itself. I don't think it means SQL Server itself because I don't think SQL Server has groups... it only has Roles, right?
We looked in Active Directory and the user above does indeed exist in the domain-level group mentioned.
Please help!
When installing SP2 for SQL Server 2005 I get this error message:
MSI (s) (E0!68) [09:02:25:673]: Product: Microsoft SQL Server 2005 (64-bit) -- Error 29512. SQL Server Setup was unable add user OUR-LAN-DOMAIN\OUR-SERVICE
The error message seems to contradict itself: it says "local group" which seems to me to mean the group on the database server itself YET the group name is prefixed with our LAN domain name. So which one is it?
Also, I'm not sure if this message means there is a problem in Active Directory or in the security model of SQL Server itself. I don't think it means SQL Server itself because I don't think SQL Server has groups... it only has Roles, right?
We looked in Active Directory and the user above does indeed exist in the domain-level group mentioned.
Please help!
ASKER
UPDATE: To our server, I added the local group without the domain prefix:
SQLServer2005SQLAgentUser$
Then added the domain user OUR-SERVICE-ACCOUNT to it.
Funny: I attempt to install SP2 and it still fails, BUT, the install removes OUR-SERVICE-ACCOUNT from the group above !!! Weird!
Incidentally, I found the exact location of the failure in the SP2 install log:
<Func Name='Do_sqlGroupMember'>
Failure adding user OUR-SERVICE-ACCOUNT to local group OUR-LAN-DOMAIN\SQLServer20
Error Code: 0x80070005 (5)
Windows Error Text: Access is denied.
Source File Name: sqlca\sqlsecurityca.cpp
Compiler Timestamp: Sat Oct 7 09:43:41 2006
Function Name: Do_sqlGroupMember
Source Line Number: 1132
I still have a feeling that the reason it's failing is because it's trying to create a local group PREFIXED with OUR-LAN-DOMAIN\
Local groups can't be prefixed with a DOMAIN\, right?
Why is SP2 doing this?
SQLServer2005SQLAgentUser$
Then added the domain user OUR-SERVICE-ACCOUNT to it.
Funny: I attempt to install SP2 and it still fails, BUT, the install removes OUR-SERVICE-ACCOUNT from the group above !!! Weird!
Incidentally, I found the exact location of the failure in the SP2 install log:
<Func Name='Do_sqlGroupMember'>
Failure adding user OUR-SERVICE-ACCOUNT to local group OUR-LAN-DOMAIN\SQLServer20
Error Code: 0x80070005 (5)
Windows Error Text: Access is denied.
Source File Name: sqlca\sqlsecurityca.cpp
Compiler Timestamp: Sat Oct 7 09:43:41 2006
Function Name: Do_sqlGroupMember
Source Line Number: 1132
I still have a feeling that the reason it's failing is because it's trying to create a local group PREFIXED with OUR-LAN-DOMAIN\
Local groups can't be prefixed with a DOMAIN\, right?
Why is SP2 doing this?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok, just received an email from Experts-Exchange requesting that I do something with this open question... ironically, we had asked Experts-Exchange how to simply retract, or close out a questions some time ago and never received a response.
Basically in this case, none of the input we received was helpful in solving our issue, and we ultimately solved it ourselves. We posted what we found/did back here or the benefit of the community, but how do we actually simply close this question?
Anyone?
Basically in this case, none of the input we received was helpful in solving our issue, and we ultimately solved it ourselves. We posted what we found/did back here or the benefit of the community, but how do we actually simply close this question?
Anyone?
PAQ'd and 500 points refunded
AnnieMod
Cleanup Admin
AnnieMod
Cleanup Admin
http://support.microsoft.com/kb/917410
good luck with that