Thursday, September 25, 2014

The WSFC cluster could not bring the Network Name resource with DNS name 'ServerName' online. (Microsoft SQL Server, Error: 19471)

While configuring SQL Server 2012 Always on Listener name you may encountered the below issue :

The Windows Server Failover Clustering (WSFC) resource control API returned error code 5057The WSFC cluster could not bring the Network Name resource with DNS name 'ServerName' online. The DNS name may have been taken or have a conflict with existing name services, or the WSFC cluster service may not be running or may be inaccessible. Use a different DNS name to resolve name conflicts, or check the WSFC cluster log for more information.
The attempt to create the network name and IP address for the listener failed. The WSFC service may not be running or may be inaccessible in its current state, or the values provided for the network name and IP address may be incorrect. Check the state of the WSFC cluster and validate the network name and IP address with the network administrator. (Microsoft SQL Server, Error: 41009)

1. Verify the listener AD object has proper permissions or not, If not ask your admins to give proper permissions to that object

2. Later do nslookup of that objet and get the IP address of it and configure the listener with static port of the IP which you got in the nslookup.

3. If that doesn't work then remove the listener from the SQL AG and ask your admins to add DNS to the object first and then add listener at the AG it will work.


Friday, September 5, 2014

SQL Server Virtual Service Accounts

SQL Server Virtual Service Accounts
From SQL Server 2012 onwards if you observe the SQL Server configuration manager you will notice SQL Server Engine and SQL Server Agent will be assigned with two different accounts like NT Service\MSSQLServer or NT Service\MSSQL$InstanceName and NT Service\SQLServerAgent or NT Service\SQLAgent$Instance, these two are known as virtual service accounts and were introduced in SQL Server 2012. For earlier versions like SQL Server 2005, 2008 if you observe you will see NT Authority\System or Local System but there is no NT Service\MSSQLServer.

Virtual Accounts was introduced in windows 2008 R2 which is managed local account with auto-password. These virtual accounts are unique instances of NT Service account and we cant find this accounts in Local Users and Groups and they cannot be deleted and you cannot change password or you cannot get password of the virtual account that will be auto password maintained by OS. When you install SQL Server 2012 on top of windows 2008 R2 you will see these virtual accounts in the SQL Server configuration manager, DBA’s generally runs SQL Service with Local system account or Domain Account with limited privileges, tough it is tough periodically they will change the password of domain accounts for security reasons. If we use virtual accounts then we can avoid this situations like changing passwords periodically.

For some reason if you change the virtual account to Local System for SQL Server Engine. Later you want to assign virtual account back to SQL Service, now you cant browse this account because it is not found in local users and groups, So you need to type the account as NT Service\MSSQLServer, For password you don’t know the password if you give any password system will say it’s an incorrect password, So you need to leave the password box blank and then click apply to get the auto generated password automatically. Like this you can change the service accounts to assign virtual accounts.