Solved

Server ertificates and "Log on as:"

Posted on 2009-04-06
1
184 Views
Last Modified: 2012-05-06
I'm attempting to configure an 05 Express install running on an Amazon's EC2 winserver05 instance. Because data is not persisted on the c: drive when an instance is terminated (and since this is a development/testing box, I'll be terminating this server quite often) I'm trying to relocate the system databases to e: drive which _is persisted. I've also copied the .cert files from the C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data path to the new path.

So far, I've made the necessary adjustments to the point that I can run sql with all system databases living in the e: drive. But I'm getting an error tossed during service startup: 'An error occurred during decryption.' And the service refuses to start under anything except Network Service.

Since this box/install is only a testing/dev server, perhaps I shouldn't worry too much about it but running the service at that level doesn't seem right. And down the road I may want to have this db interacting/replicating to production servers.

To date, i don't have any data populated and am actually thinking i might be best off to create an install script that would let me specify my preferred paths and start the whole thing off from scratch. But something tells me if i re-gen the server certs and tweak some user accounts correctly I'll get this running without a reinstall.

thoughts and guidance much appreciated.
--steve...
0
Comment
Question by:juststeve
1 Comment
 
LVL 24

Accepted Solution

by:
DBAduck - Ben Miller earned 250 total points
ID: 24217521
If you are using encryption, you should start the SQL Server under Network Service and then if you want to change that username and password, use the SQL Configuration Manager and change the service account there so that it will reencrypt the keys with that username.  Once you have encryption in place, you cannot change the SQL Server Service username and password without using the Configuration Manager, otherwise you will lose your encryption because the Service Master key is at the helm of all encryption.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

INTRODUCTION: While tying your database objects into builds and your enterprise source control system takes a third-party product (like Visual Studio Database Edition or Red-Gate's SQL Source Control), you can achieve some protection using a sing…
In this article we will get to know that how can we recover deleted data if it happens accidently. We really can recover deleted rows if we know the time when data is deleted by using the transaction log.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question