Hello.
I have installed a Windows Server 2008R2 with AD DS (DNS, DHCP) and SQL 2008x64.
Had a problem with SQL server agent that could not start with the default account (NT AUTHORITY/ LOCAL SYSTEM) so I created a new user with domain admin rights, authorised him to start the service and that was solved.
Now I am having multiple Security-Kerberos error events, ID 3:
Log Name: SYSTEM
Source: Security-Kerberos
Event ID: 3
A Kerberos Error Message was received:
on logon session
Client Time:
Server Time: 18:57:45.0000 2/22/2011 Z
Error Code: 0x7 KDC_ERR_S_PRINCIPAL_UNKNOWN
Extended Error: 0xc0000035 KLIN(0)
Client Realm:
Client Name:
Server Realm: AI.LOCAL
Server Name: MSSQLSvc/2008R2.Ai.local
Target Name: MSSQLSvc/2008R2.Ai.local@AI.LOCAL
Error Text:
File: 9
Line: efb
Error Data is in record data.
From a small research I made, it may refer to the new account I created. Kerberos cannot recognize the user and grant him a service ticket? The action I took was going inside the user properties (in AD Domain Users) and delegating him to use any service, which I understand is a security risk.
I just want to see the outcome of this action.
But then I have this "KDC encountered duplicate names while processing a Kerberos authentication request. The duplicate name is MSSQLSvc", which I suspect means another service account tries to register the same process through Kerberos (?). Really need to investigate.
Log Name: SYSTEM
Source: Kerberos-Key-Distribution-Center
Event ID: 11
The KDC encountered duplicate names while processing a Kerberos authentication request.
The duplicate name is MSSQLSvc/2008R2.Ai.local (of type DS_SERVICE_PRINCIPAL_NAME).
This may result in authentication failures or downgrades to NTLM.
In order to prevent this from occuring remove the duplicate entries for MSSQLSvc/2008R2.Ai.local in Active Directory.
I also ran find /I "cannot find" %SYSTEMROOT%\security\logs.log and what I got was:
---------- C:\WINDOWS\SECURITY\LOGS\WINLOGON.LOG
Cannot find MSSQLFDLauncher.
Cannot find MSSQLSERVER.
Cannot find SQLSERVERAGENT.
Cannot find WdiServiceHost.
. . .
Cannot find MSSQLFDLauncher.
Cannot find MSSQLSERVER.
Cannot find SQLSERVERAGENT.
Cannot find WdiServiceHost.
Practically the same pattern of those four, a dozen times.
MSSQLSERVER is the instance of the SQL Server and SQLSERVERAGENT is the server agent; the same custom-created user (SQLSrvagent) starts them both.
Maybe my approach is wrong but felt I could take some small action :-)
Any help would be greatly appreciated.
On a side note, no practical problems exist. Both SQL Server and SQL Agent start and work well.
Thank you.
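
Added example, not part of the original post: one way to find which directory objects hold the same SPN, which is the condition Event ID 11 reports for MSSQLSvc/2008R2.Ai.local. The function name Find-DuplicateSpn and the sample objects (account-A, account-B, example-host) are assumptions constructed for illustration; the commented last line shows how it could be fed from a live domain with the ActiveDirectory module.

```powershell
# Added example, not from the original post.
# Reports every SPN held by more than one AD object (the Event ID 11 condition).
function Find-DuplicateSpn {
    param(
        # Objects exposing DistinguishedName and servicePrincipalName
        [Parameter(Mandatory = $true)]
        [object[]] $AdObject
    )

    # @{} compares string keys case-insensitively, so SPNs that differ
    # only in letter case are counted as the same name.
    $owners = @{}
    foreach ($obj in $AdObject) {
        foreach ($spn in @($obj.servicePrincipalName)) {
            if ([string]::IsNullOrEmpty($spn)) { continue }
            $key = ([string]$spn).Trim()
            if (-not $owners.ContainsKey($key)) {
                $owners[$key] = New-Object System.Collections.ArrayList
            }
            # Ignore the same SPN listed twice on one object.
            if (-not $owners[$key].Contains($obj.DistinguishedName)) {
                [void] $owners[$key].Add($obj.DistinguishedName)
            }
        }
    }

    # Emit one result object per SPN that has more than one owner.
    foreach ($key in $owners.Keys) {
        if ($owners[$key].Count -gt 1) {
            New-Object PSObject -Property @{ SPN = $key; Owners = $owners[$key].ToArray() }
        }
    }
}

# Constructed sample input; account-A, account-B and example-host are placeholders.
$sample = @(
    (New-Object PSObject -Property @{
        DistinguishedName    = 'CN=account-A,DC=Ai,DC=local'
        servicePrincipalName = @('MSSQLSvc/2008R2.Ai.local') }),
    (New-Object PSObject -Property @{
        DistinguishedName    = 'CN=account-B,DC=Ai,DC=local'
        servicePrincipalName = @('mssqlsvc/2008r2.ai.local', 'HOST/example-host.Ai.local') })
)

# Prints one entry: the MSSQLSvc SPN with both placeholder owners.
Find-DuplicateSpn -AdObject $sample | Format-List SPN, Owners

# Against a live domain (ActiveDirectory module required):
# Find-DuplicateSpn -AdObject (Get-ADObject -LDAPFilter '(servicePrincipalName=*)' -Properties servicePrincipalName)
```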