New year … new problems … new blog post :). Actually this one is from previous year but as I was a bit busy with different things (read ILM2) and had 2 weeks of Christmas break it gets here now.
When you are setting up new ILM 2007 instance you need two accounts:
- local or domain account with administrative privileges to actually install ILM service
- ILM service account which will be used to run the service.
None of these accounts have to have some higher privileges in domain (and I’ve heard it few times so just to clarify … no – it doesn’t have to be domain admin account). During ILM setup ILM verifies that it can connect to SQL server and then as next step information about ILM service account has to be provided. And sometimes as a next step one might see this error message:
So of course you should validate all the things which are being mentioned in this dialog box, which are:
- general SQL connectivity, however if you are at this point of setup process it means that ILM setup can communicate with SQL Server
- that you are not using local account to access remote SQL server
- and ILM service account has appropriate SQL login created.
However when you will check all this things you have to check one thing which is not obvious and where this error message is misleading. What is required is that account which is being used to perform setup operation not ILM service account has to be granted with permission to create ILM database on SQL server. So if it is local administrator account it won’t be able to create it or even if it is domain account without appropriate SQL permissions being assigned.
And just for ILM setup process from what I’ve tested these permissions are at sysadmin level and even dbcreator role is not enough. Which of course isn’t required later for ILM service account to operate successfully.
PS. As one of my great colleagues at Microsoft support organization spent some time on verification and checking this I think you can see KB article on this in the feature. In the meantime I hope this quick tip will save somebody some time.