Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
You do not have sufficient operating system permission to open the SQLServerAgent status event.
|English: Request a translation of the event description in plain English.|
I got this error after I have created different accounts for sqlserver and sqlagent service.
From a newsgroup post: "Installing SP3 or SP3a on MS SQL Server 2000 Enterprise Edition caused this problem in my case (MSSQLServer service is running under different local user account than the SqlServerAgent service and MSSQLServer is not given Administrator privileges). I see this buggy behavior on various installations: W2K Advanced Server SP4 or W2K3. SP3 or SP3a. Default instance or named instance. New freshly installed server or old one. The only condition is that the MSSQLServer and SQLServerAgent services run with different user accounts and the MSSQLServer
one does not have admin rights. Before SP3 installation everything runs OK.
What helps: Add MSSQLServer service account to Administrators group. OR Run MSSQLServer and SQLServerAgent with the same account.
What doesn't help: Changing the services' user accounts using Enterprise Manager. Add services' accounts to Power Users."
An answer from a MS engineer in a newsgroup post: "I suspect that the issue is addressed in the cross-database ownership chain which uses in Microsoft SQL Server Service Pack 3 (SP3). Based on my research, SP3 provides a new security enhancement related option for configuring cross-database ownership chaining; enable cross-database ownership chaining for all databases during setup. With this new option, you can control whether or not you permit cross-database ownership chaining. By default, this option is disabled. Microsoft recommends that you use the default option, because it makes your database server more secure.
However, database objects may have different owners. When an object such as a view, a stored procedure, or a user-defined function references another object, an ownership chain can be established. When the ownership chain is unbroken, SQL Server checks permissions on the source object but not on the target objects.
Therefore, it is recommended that you change the configuration of the cross-database ownership chaining. You can reference the following step-by-step article to perform such a change: ME810474 (Cross-Database Ownership Chaining Behavior Changes in SQL Server).
Additionally, I also suggest you running the MSSQLServer service with a local account and
SQLServerAgent with Admin privilege to see if the jobs work fine. Otherwise, it seems that you
should run these both services with the FULL privileges."
From a newsgroup post: "This is most likely a permissions issue. Make sure the account SQLAgent starting under has permissions to:
- Replace A process level token
- Increase Quotas
- Logon as a service.
Books online states that the account needs to be a member of the local admins group as well."
|Private comment: Subscribers only. See example of private comment|
|Links: ME810474, Securing SQL Server|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (5) - More links...|
Send comments or solutions
- Notify me when updated