Microsoft KB Archive/314636

= FIX: Cannot Use Non-Administrator Account to Start SQL Server and Force Encryption =

Article ID: 314636

Article Last Modified on 12/3/2003

-

APPLIES TO


 * Microsoft SQL Server 2000 Standard Edition

-



This article was previously published under Q314636



BUG #: 356700 (SHILOH_BUGS)



SYMPTOMS
If you start SQL Server 2000 and both of the following conditions are true:


 * The SQL Server 2000 service account is a non-administrator account.
 * The Force protocol encryption option is selected in the Server Network Utility.

The SQL Server service fails to start because it cannot access the Local Computer Personal container and the following error messages are recorded in the SQL Server error log:

2001-04-03 13:48:33.37 server   Encryption requested but no valid certificate was found. SQL Server terminating. 2001-04-03 13:48:33.39 server   Error: 17826, Severity: 18, State: 1 2001-04-03 13:48:33.39 server   Could not set up Net-Library 'SSNETLIB'.. 2001-04-03 13:48:33.42 server   Error: 17059, Severity: 18, State: 0 2001-04-03 13:48:33.42 server   Operating system error -1073723998: .. 2001-04-03 13:48:33.45 server   Unable to load any netlibs. 2001-04-03 13:48:33.48 server   SQL Server could not spawn FRunCM thread.



CAUSE
SQL Server 2000 fails to read the Local Computer Personal container because access is denied and it cannot find a valid certificate.



RESOLUTION
To resolve this problem, obtain the latest service pack for Microsoft SQL Server 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

290211 INF: How to Obtain the Latest SQL Server 2000 Service Pack



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

This problem was first corrected in Microsoft SQL Server 2000 Service Pack 2.



MORE INFORMATION
SQL Server 2000 allows encrypted connections over all network libraries by certificates and SSL encryption. To enable SSL encryption for SQL Server 2000 clients, you must have a valid certificate from a valid Certificate Server or have purchased certificates from a third party.

For additional information about how to enable encryption, click the following article number to view the article in the Microsoft Knowledge Base:

276553 HOW TO: Enable SSL Encryption for SQL Server 2000 with Certificate Server

You use the Server Network Utility to enable or disable the Force protocol encryption option.

Keywords: kbbug kbfix kbsecurity KB314636

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.