Service accounts suddenly stopped working. Only work when you add DomainAdmin privileges....

Last week I was called in to client with SBS2003 server.  Quickbooks, SQLserver, BackupExec (which uses SQL server) services had all stopped and would not restart.  I reset the passwords for each system account.  No luck.  They appeared to not have adequate permission >> I tried to do a Runas for each account to start a CMD shell and it failed.  So I added DomainAdmin to each account and it works fine now.  

Today, I was called and Outlook Web Access was not working.  Error, Login timeout 440.  Again, I added DomainAdmin privileges to IUSR_STS1 and OWA started working again.

Any clues?  
LVL 6
ButlerTechnologyAsked:
Who is Participating?
 
ButlerTechnologyConnect With a Mentor Author Commented:
Thanks TechSoEasy...but it turns out the problem was one of permissions.

Someone (the onsite admin?) had removed the users from the Users group.   This had a pernicious effect on all but the domain admin accounts.  
0
 
PakaCommented:
Did you check to see if the accounts had expired or were locked out?  Are these service accounts members of the local admins?  Adding IUSR_ to domain admins is not a good idea!
0
 
ButlerTechnologyAuthor Commented:
-none of the accounts were locked out or expired.
-none of the accounts were member of local admin
-domainadmin is a temp workaround to get them working while I find a solution

0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Follow the steps outlined here and your problem should be resloved:
http://msmvps.com/blogs/cgross/archive/2004/08/08/11472.aspx

Jeff
TechSoEasy
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.