Just wanted to run this by someone. I'm still troubleshooting and have at this point one more thing to try.
So here's my setup. I have a SQL server with a few different DNS aliases (A records) pointing to it. I have another server running CRM, which is setup to point to one of these DNS aliases (alias1) as the target SQL server for the install. During install (or in my case, a repair), it is looking to validate that the SQL server agent is running on the SQL server. The service is running, but the install can't see it because of what appears to be some permission/security issue.
The account(s) i'm attempting with the install are not able to remotely manage the services on the SQL server (services.msc) using the DNS alias. These are local admins on the SQL server, some of them are also domain admins. There are however some accounts that can do it (ie. the domain administrator account from another trusted domain that I granted local admin rights on the server).
Here's how it looks with a specific account (a domain admin that's also explicitly granted local admin rights on the SQL server).
- I can manage it REMOTELY using the server hostname.
- I can manage it REMOTELY using the IP of the DNS alias (not the same as the hostname IP, the server has multiple IPs on te same NIC).
- I can manage it locally using the DNS alias.
Again, I can manage it REMOTELY using the domain admin account from a trusted domain (account is added as a local admin on the server).
I thought maybe this tied into the loopback check issue, so I've already added the DNS alias names in the BackConnectionHostNames reg key. I believe that should take affect right away, but that didn't work.
The last thing I'm going to try is adding the DisableLoopBackCheck key. I won't however be able to fully test and restart the production SQL box for several days, so I thought I'd get an opinion here that might give me something to try in the meantime.
On any other random server that I point another DNS alias to, I'm able to manage the services remotely just fine as long as I'm an admin on that box.
SQL server is on Windows 2012 R2 (In a Windows Failover Cluster, but there is currently only 1 node. The DNS alias I'm using is not the cluster name or IP).
CRM server is Windows 2012 (Just one of the servers where it's causing me an issue).
Thanks for any suggestions!