You can use the Services applet to change the password; however, it is
recommended to change the Services ACCOUNT through SQL Server EM. The
reason why is because if you use SQLEM, the current service account will
currently have the necessary rights to assign the new account all of the
permissions required. Changing to the Local System account will not hurt
too much because it should have all the necessary permissions.
Keep in mind, however, that on a clustered configuration, there can be more
than one node that needs to keep in synch with the other nodes. Moreover,
it is usually not just the MSSQL service that uses these accounts; there are
other services that typically share the same account. In addition, running
the services under different account types (Local System, Local User, Domain
Local, Domain Global, or Domain Universal) will alter the functionality
available to the installation.
You will need to make a choice between security level and functionality when
making the choice of account type. You will also need to synchronize the
cluster nodes to make sure they all have the same credentials.
Here is a KB describing how to Manually reconfigure your service accounts
and passwords. The accounts will need all of the rights listed when running
in a clustered configuration.
How to change the SQL Server or SQL Server Agent service account without
using SQL Enterprise Manager in SQL Server 2000 or SQL Server Management
Studio in SQL Server 2005
http://support.microsoft.com/default.aspx?scid=kb;en-us;283811 Lastly, try not to use the Services applet for Clustered Resources, you can
cause cluster failover or cluster corruption by doing this.
Sincerely,
Anthony Thomas
--
[quoted text, click to view] "JJP" <anonymous@discussions.microsoft.com> wrote in message
news:uXtdF6ZBGHA.3536@TK2MSFTNGP11.phx.gbl...
> Hi,
> We have an 2-node Active/Active SQL 2000 SP3a cluster on Windows 2003.
> Accordingly we have 2 instances of SQL, INST1 on node 1 and INST2 on
node2.
>
> I think our db admin did a "no no" a few weeks back. Having an issue with
> something SQL related, she changed the MSSQL$INST2 service account logon
> password on Node 2 from a domain user account to Local System using the
> Services applet. Then she changed it back to the domain user account
using
> the Services applet. Now, both instances on each node really only work on
> their respective node. Failover doesn't always work, and IF it does, not
> everything seems to work correctly (i.e., she said replication does not
> always work). If I get both to fail to one node, one of the instances
will
> start as Local System and the other as the domain user account. I don't
> think this is correct.
>
> So, being told this, I did some research and password changes are supposed
> to be done within the SQL Enterprise Manager. So went to change the
Startup
> Service Account through the SQL EM, tried to change the password and we
get
> the following error:
>
>
> Microsoft SQL-DMO (ODBC SQLState: 42000)
> ----------------------------------------
> Error 22042: xp_SetSQLSecurity() returned error -2147024893, 'The system
> cannot find the path specified."
>
>
> I know I didn't give much info on the exact problems we have with SQL now,
I
> need to wait until next downtime to test some more, but I need to know how
> bad it was to change the password in that manner and possible resolution.
> Thank you.
>
>
