MORE INFORMATION

SQL Server 6.5 and 7.0

Warning If you try to change service account information, such as the account name or the password, while SQL Server is clustered, the service cannot start when you try to bring the cluster group online. In this scenario, you may have to manually remove SQL Server completely from both nodes, secure your SQL Server databases, and then reinstall SQL Server.

To change the service startup accounts for a clustered computer that is running SQL Server, follow these steps:

1. Make sure that the SQL Virtual Servers resource group is owned by the node from which it was initially installed.
2. Run the Cluster Failover Wizard and choose the option to remove the SQL Server virtual server.
3. Change any service accounts for the following services to the account that you want:
   • MSSQLServer
   • SQLExecutive
   • SQLServerAgent

   Note This account must be a valid domain account and should be in the Local Administrators group on both nodes of the cluster. Also, the account must have the following rights:

   • Act as part of the operating system
   • Logon as a service
   • Logon locally
4. Run the Cluster Failover Wizard to add the SQL Server virtual server again.

SQL Server 2000

Although the account that is used is automatically assigned the appropriate privileges during the installation process, if the account is changed, it (or the Administrator group) must have the following attributes:

• It must be a domain account.
• It must be a member of the local Administrators group (Microsoft Windows NT 4.0 only).
• It must have the following rights:
  • Act as part of the operating system
  • Logon as a service
  • Replace a process-level token
• The service account for the Cluster service must have the right to log in to SQL Server. If you accept the default, the account [NT Authority\System] must have login rights to SQL Server so that the SQL Server resource DLL can run the isAlive query against SQL Server.
• If the service account for SQL Server is not an administrator in a cluster, the administrative shares cannot be deleted on any nodes of the cluster. The administrative shares must be available in a cluster for SQL Server to function.

Warning If you must change the account under which the SQL Server virtual server runs, you must use SQL Server Enterprise Manager. Using this tool to change the service password will make the change on all the nodes and grant the necessary permissions to the selected user account.

If you do not use SQL Server Enterprise Manager to change passwords, full-text search may not function properly, and SQL Server may not start.

If you are using Kerberos Security Support Provider Interface (SSPI) authentication in a Microsoft SQL Server 2000 and Microsoft Windows 2000 environment, you must drop your old service principal name (SPN), and then create a new one by using the new account information. See the "Security Account Delegation" topic in SQL Server 2000 Books Online for details about using SETSPN to do this.