?
Solved

Server ertificates and "Log on as:"

Posted on 2009-04-06
1
Medium Priority
?
188 Views
Last Modified: 2012-05-06
I'm attempting to configure an 05 Express install running on an Amazon's EC2 winserver05 instance. Because data is not persisted on the c: drive when an instance is terminated (and since this is a development/testing box, I'll be terminating this server quite often) I'm trying to relocate the system databases to e: drive which _is persisted. I've also copied the .cert files from the C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data path to the new path.

So far, I've made the necessary adjustments to the point that I can run sql with all system databases living in the e: drive. But I'm getting an error tossed during service startup: 'An error occurred during decryption.' And the service refuses to start under anything except Network Service.

Since this box/install is only a testing/dev server, perhaps I shouldn't worry too much about it but running the service at that level doesn't seem right. And down the road I may want to have this db interacting/replicating to production servers.

To date, i don't have any data populated and am actually thinking i might be best off to create an install script that would let me specify my preferred paths and start the whole thing off from scratch. But something tells me if i re-gen the server certs and tweak some user accounts correctly I'll get this running without a reinstall.

thoughts and guidance much appreciated.
--steve...
0
Comment
Question by:juststeve
1 Comment
 
LVL 25

Accepted Solution

by:
DBAduck - Ben Miller earned 1000 total points
ID: 24217521
If you are using encryption, you should start the SQL Server under Network Service and then if you want to change that username and password, use the SQL Configuration Manager and change the service account there so that it will reencrypt the keys with that username.  Once you have encryption in place, you cannot change the SQL Server Service username and password without using the Configuration Manager, otherwise you will lose your encryption because the Service Master key is at the helm of all encryption.
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

INTRODUCTION: While tying your database objects into builds and your enterprise source control system takes a third-party product (like Visual Studio Database Edition or Red-Gate's SQL Source Control), you can achieve some protection using a sing…
This article explains how to reset the password of the sa account on a Microsoft SQL Server.  The steps in this article work in SQL 2005, 2008, 2008 R2, 2012, 2014 and 2016.
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Loops Section Overview

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question