HI All, we have 6 node Always on AG groups in sql server 2014.

1 week ago 14 Replies
IM
Ila Maggio 6 years ago

HI All,

we have 6 node Always on AG groups in sql server 2014. service account that of sql getting locked every minute.
The Security System detected an authentication error for the server MSSQLSvc/MSRJ.abc.net:5022. The failure code from authentication protocol Kerberos was "The user account has been automatically locked because too many invalid logon attempts or password change attempts have been requested.

replicas also removed from AG .

could you please what is the issue . ?

Thanks
Raghu

0 Likes

Replies

Celia Muller 6 years ago

sorry mistakely pressed send button.

continued... below

0 Likes
Lucy Kemmer 6 years ago

As best practice we should use separate service account for SQL services n the option 'never expires' should be selected for it.....

1 Like
Lacey Jenkins (6 years ago)

Right.

Janet Mitchell 6 years ago

System level file can be deleted directly. Once enable all the services to automatic mode

0 Likes
Janet Mitchell 6 years ago

Delete the user account from master admin login after taking backup. Then recreat it again. Problem will bebsolved

0 Likes
Celia Muller 6 years ago

Ila Maggio Hi raghu, Recently i faced my AD account lockout issue would like to share the experience. i am not sure it will be the resolution but may help you to somewhat troubleshoot. similarly My AD account was locking out frequently every 15mins or you can say when i was using my credentials for any rdp, login ,logoff of my laptop. This started since when i changed my 3 password for AD account as per policy after 90 days.With the help of AD team i was able to found the server which was casuing problem to lockout issue . Then i statred to trouble shoot where my credentials are saved on that server for eg. are any services running under my AD account like sql agent

0 Likes
Celia Muller 6 years ago

every AD PROIFLE or windows login will have user profile created in C drive under windows\ users. my AD account user profile was deleted n every profile will have registry key mapped under regedit in my case which was mapped with old password casuing account lockout issue and not able create new key with same username.after deletion of old registry key my AD account lockout issue resolved.In your case its service account service accounts password should be set not to expire but you said password changed i expecting same issue. hope this will help you get some information to resolve issue.😊

2 Likes
Arne Schoen 6 years ago

As it clearly states, the account gets unlocked due to invalid PWD attempts, was password of the account changed recently? If it was changed, then check if right password is used for the services using this account.

1 Like
Ila Maggio 6 years ago

Celia Muller thank you

0 Likes
Ila Maggio 6 years ago

we got this AG dash borad

0 Likes
Ila Maggio 6 years ago

Zaker Ali i didnt get you , can u please elaborate more

0 Likes
Relate Discussions
• SQL Server AG Replicate goes to suspended state Hi 7 Replies
• Hi Guys, How to connect ms sql server from cmd for default,named instance in windows authentication ,sql authentication. 1 Replies
• While adding database in ag when i am trying to connect the secondary instance i am getting below error. 3 Replies
• We have an application where it do bulk insert into a table via a file loaded from network path. 5 Replies
• Urgent help How to enable SA account or add another login in SQL server with sysadmin permission We don't have any login with sysadmin permission no built in administrators nothing. 12 Replies
• When I open list developed by BCS i got this msg 4 Replies
• Hi Folks, I am getting error while connecting to SQL server using window authentication... 3 Replies
• Could you please suggest how can i resolve the issue. 4 Replies
• I am trying to install a SQL 2012 fail over cluster but the setup fails at the service accounts page. 4 Replies
• Hi experts, I'm trying to add new Windows authentication user on sql server 2008 r2. 22 Replies
Logo