?
Solved

Server ertificates and "Log on as:"

Posted on 2009-04-06
1
Medium Priority
?
186 Views
Last Modified: 2012-05-06
I'm attempting to configure an 05 Express install running on an Amazon's EC2 winserver05 instance. Because data is not persisted on the c: drive when an instance is terminated (and since this is a development/testing box, I'll be terminating this server quite often) I'm trying to relocate the system databases to e: drive which _is persisted. I've also copied the .cert files from the C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data path to the new path.

So far, I've made the necessary adjustments to the point that I can run sql with all system databases living in the e: drive. But I'm getting an error tossed during service startup: 'An error occurred during decryption.' And the service refuses to start under anything except Network Service.

Since this box/install is only a testing/dev server, perhaps I shouldn't worry too much about it but running the service at that level doesn't seem right. And down the road I may want to have this db interacting/replicating to production servers.

To date, i don't have any data populated and am actually thinking i might be best off to create an install script that would let me specify my preferred paths and start the whole thing off from scratch. But something tells me if i re-gen the server certs and tweak some user accounts correctly I'll get this running without a reinstall.

thoughts and guidance much appreciated.
--steve...
0
Comment
Question by:juststeve
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 25

Accepted Solution

by:
DBAduck - Ben Miller earned 1000 total points
ID: 24217521
If you are using encryption, you should start the SQL Server under Network Service and then if you want to change that username and password, use the SQL Configuration Manager and change the service account there so that it will reencrypt the keys with that username.  Once you have encryption in place, you cannot change the SQL Server Service username and password without using the Configuration Manager, otherwise you will lose your encryption because the Service Master key is at the helm of all encryption.
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've encountered valid database schemas that do not have a primary key.  For example, I use LogParser from Microsoft to push IIS logs into a SQL database table for processing and analysis.  However, occasionally due to user error or a scheduled task…
So every once in a while at work I am asked to export data from one table and insert it into another on a different server.  I hate doing this.  There's so many different tables and data types.  Some column data needs quoted and some doesn't.  What …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question