Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Adding 2nd Domain Conroller to 2011 SBS Domain

Posted on 2014-09-02
10
Medium Priority
?
146 Views
Last Modified: 2014-09-09
We have a 2011 SBS Server and it has been running for over a year. It has 32 GB RAM and 1 Terabyte SAS Drives configured as RAID-10.

We just added (this past weekend) an addtional 2008 R2 Server and promoted it to Domain Controller. I was careful NOT to add this as a Read Only Domain Controller.

Active Directory replicated perfectly. No issues.

When I tried to install 2008 SQL Server (full version) I keep getting errors like this one:

Failure creating local group SQLServer2005MSSQLServerADHelperUser$<servername>

I googled this message and it states that this comes up when you try to install SQL on a Read-Only DC. This one is NOT a RODC unless SBS Server does something when promoting it that takes privileges away.

How can I fix this so I can install SQL 2008 on my "Backup" Domain Controller?
0
Comment
Question by:Docomon
  • 5
  • 3
  • 2
10 Comments
 
LVL 14

Expert Comment

by:Brad Groux
ID: 40299457
SQL Server should not be installed on a DC, they don't play nice together - http://msdn.microsoft.com/en-us/library/ms143506.aspx#DC_Support

With that said, you should be able to install it - but there ARE limitations, specifically the usage of local service accounts.

For security reasons, we recommend that you do not install SQL Server 2014 on a domain controller. SQL Server Setup will not block installation on a computer that is a domain controller, but the following limitations apply:

• You cannot run SQL Server services on a domain controller under a local service account.
• After SQL Server is installed on a computer, you cannot change the computer from a domain member to a domain controller. You must uninstall SQL Server before you change the host computer to a domain controller.
• After SQL Server is installed on a computer, you cannot change the computer from a domain controller to a domain member. You must uninstall SQL Server before you change the host computer to a domain member.
• SQL Server failover cluster instances are not supported where cluster nodes are domain controllers.
• SQL Server Setup cannot create security groups or provision SQL Server service accounts on a read-only domain controller. In this scenario, Setup will fail.
I'd suggest trying to run the setup.exe as a domain or enterprise admin. Right-click setup.exe and "run as another user."
0
 

Author Comment

by:Docomon
ID: 40299470
SQL is installed on the 2011 SBS Server though and it works fine!

This is a freshly installed 2008R2 Server. SQL wasn't already installed before it was promoted to a DC.

AFTER it was promoted and updates applied and Active Directory Replication was completed and verified did I attempt to install SQL 2008 Server.

Is there no way to install it on the "Backup" Domain Controller?

I have also verified that it is NOT in Read-Only mode (the Domain Controller, that is.)
0
 

Author Comment

by:Docomon
ID: 40299478
Your comment states that it cannot run under a "local service account". Is there another way to install/run it? I REALLY need SQL on this server!
0
Restore individual SQL databases with ease

Veeam Explorer for Microsoft SQL Server delivers an easy-to-use, wizard-driven interface for restoring your databases from a backup. No expert SQL background required. Web interface provides a complete view of all available SQL databases to simplify the recovery of lost database

 
LVL 14

Expert Comment

by:Brad Groux
ID: 40299484
SBS is not equivalent to regular Windows Server. SBS is meant to be an "infrastructure in a box" solution, so having several roles or applications on SBS is common practice.

If you can't create the required security groups than there is a permissions issue at fault.

A better practice would be to utilize Hyper-V to host the DC and SQL servers on separate virtual machines (on the same physical hardware) rather than on the same box. Server 2008 Standard includes licensing for up to 5 virtual hosts.
0
 
LVL 14

Expert Comment

by:Brad Groux
ID: 40299487
Your comment states that it cannot run under a "local service account". Is there another way to install/run it? I REALLY need SQL on this server!
Yes, utilize a domain account. If you're trying to install it using a local account, that is your problem. Create a SQL service account in AD... which you should be doing anyway as it is best practice.
http://msdn.microsoft.com/en-us/library/ms143504.aspx
0
 
LVL 97

Expert Comment

by:Lee W, MVP
ID: 40299498
Are you fully aware of the potential issues you will have with TWO DCs if you ever have to restore one?  In general, a lot of people recommend two DCs - I did too - but I've come to feel that it's not necessary nor advisable in most small offices.

And I agree with Brad regarding SBS - it's an integrated package designed to run everything on one system - though NOT necessarily SQL since the 2003 edition.

Can you get SQL working on a DC?  Yes.  Should YOU?  Probably not.  I would strongly suggest you demote the system first, then install SQL to a NON-DC.

And yes, DCs don't have LOCAL accounts so you cannot create local accounts.  You'd have to create a domain service account.
0
 

Author Comment

by:Docomon
ID: 40299524
This isn't a small office though. It has about 67 workstations on it. That's why I installed a 2nd DC. AND they are a manufacturing plant and run 24 hours! Down time has to be limited (which is why I installed this 2nd DC over Labor Day weekend, so I'd have 2 days that they are shut down in a row.)
0
 
LVL 97

Expert Comment

by:Lee W, MVP
ID: 40299554
I thought I read that you had 20 users... must have been a previous question I was looking at, sorry.

So why didn't you install two servers?

You can't buy Server 2008R2 anymore unless you go out of your way - if you bought 2012 R2, you get two VMs, so install one as your DC and one as your SQL server.  (You ARE virtualizing, right?)
0
 

Accepted Solution

by:
Docomon earned 0 total points
ID: 40303671
I installed SQL on a 3rd stand alone server and didn't promote it as a DC. This solved the problem and I am able to function without incidence.
0
 

Author Closing Comment

by:Docomon
ID: 40311597
I had to move on as time was running out. This solution worked and allowed me to continue before the weekend was over and people started showing up to work.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MSSQL DB-maintenance also needs implementation of multiple activities. However, unprecedented errors can hamper the database management. In that case, deploying Stellar SQL Database Toolkit ensures fast and accurate database and backup repair as wel…
Microsoft Jet database engine errors can crop up out of nowhere to disrupt the working of the Exchange server. Decoding why a particular error occurs goes a long way in determining the right solution for it.
Via a live example, show how to shrink a transaction log file down to a reasonable size.
Viewers will learn how the fundamental information of how to create a table.
Suggested Courses

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question