"Jason Robertson" <jason6869@msn.com> wrote in message
news:YN6dnbctB6bW4eDcRVn-pA@comcast.com...
> Hi,
>
> I have set up an Active Directory, Certificate Services on Windows 2003
> Server. I am running SQL 2000 Server. AD and Certificate Services were
> installed correctly.
>
> My goal is to be able to use SSL when connecting to SQL Server via Query
> Analyzer. I also want to keep the SQL Server installation under a "Domain
> User" account with as little privileges as possible.
>
> My problem is that SQL Server will not start when "Domain User" is only a
> "member of" "Users" group. It starts when I make "Domain User" a "member
of"
> "Administrators". It seems that the SSL "forced encryption" will only work
> with "Administrator" privileges which is the total access to control the
> server, and this is not safe.
>
> Does it mean that SSL "forced encryption" will only work under a "Domain
> User" that is a "member" of "Administrators"? Is there another "Group"
with
> limited privileges that I could assign the "Domain User" to?
>
> How else could I have the SSL work and SQL server installation in a
"Domain
> User" account?
>
> I have tried so many different things. Wasted one week already. Nothing
> works. There was some MS bug bulletin saying that this problem was fixed
> with SQL 2000 service pack 2. I have service pack 3a installed. It still
> does not work. The log shows the same errors as on the MS fix buletin that
> was supposed to be fixed by that sevice pack. I've tried with Windows 2003
> Srv, Win 2000 Srv. SQL Standard, Enterprise. I just cant get it to run.
Can
> you offer some more specific clues? It is so depressing and dissapointing.
> Here is the MS buletin that I mentioned:
> http://support.microsoft.com/default.aspx?scid=kb;en-us;314636
>
> Thank you for your help.
>
>