stsadm createssp Provisioning Failed
- provisioning failed: user does not have permission to perform this action
We are on the last step of the Deploy using DBA created databases document in an environment where we do not have dbcreator or securityadmin on the SQL server. We encounter the message above after about 10 minutes of waiting for the createssp command to complete at the command prompt.
Environment is Win Server 2003 x64 SP 2 (In a 2 server deployment w/ Central admin installed on both servers, 1 as Index, and 1 as Query)
w/SQL 2005 x64 SP 2
MOSS 2007 w/ SP1 (latest MSDN combined version)
.Net 3.5The result is that the SSP admin interfacece is created, but there is a red x on the central admin screen next to the shared service provider name along with the error message above (the MySites, SSP App, and Portal site are all listed under it). In addition when accessing Search Settings, the following error is displayed: The seach application is not provisioned because a Shared Service Provider has not been created.
We followed the document to the T, and have provided access to the appropriate accounts to the databases as instructed.
When running a SQL trace, we noticed the same error message happens on the following command:
exec sp_executesql N'declare @user_name sysname select @user_name = SUSER_SNAME(@sid) if (@user_name is not null) exec sp_grantlogin @user_name declare @db_user_name sysname select @db_user_name = name from sysusers where sid = @sid if (@db_user_name is null and @user_name is not null) exec sp_grantdbaccess @user_name, @db_user_name output if not user_id(@db_user_name) in (1,0,3,4) exec sp_addrolemember @role, @db_user_name',N'@sid varbinary(28),@role nvarcharIt was executed against the config database by the install account. sp_grantlogin is the problem here and this runs even though the account has already been added to the database.
This could be a new bug introduced in the MOSS 2007 SP1 installer when using DBA created databases with minimal permissions.
RobertRFreeman
Answers
Hi Robert, this forum is for software developers who are using the Open Protocol Specification documentation to assist them in developing systems, services, and applications. The Open Protocol Specifications can be found at: http://msdn2.microsoft.com/en-us/library/cc203350.aspx. Since your post does not appear to be related to the Open Protocol Specification documentation set we would appreciate it if you could try the 'SQL Server Security' forum at http://social.msdn.microsoft.com/forums/en-US/sqlsecurity/threads/ instead to find the information you are looking for. Thanks!
Your description of the problem implies a security issue; however, please note we also have a number of SharePoint forums listed on http://forums.microsoft.com/MSDN/default.aspx?siteid=1.
Regards,
Bill Wesse - MSFT
Escalation Engineer- Edited byAlex MorrillMSFT, ModeratorTuesday, January 27, 2009 11:42 PMremoved Windows reference - forum is for more general interoperability
- Proposed As Answer byBill Wesse MSFTModeratorSaturday, January 24, 2009 1:03 PM
- Marked As Answer byBill Wesse MSFTModeratorSaturday, January 24, 2009 1:03 PM
Good morning Robert - no problem on the post. I would have been pleased to assist more, save that I don't have much direct experience with Sql security configuration.
Regards,
Bill Wesse - MSFT
Escalation Engineer- Marked As Answer byBill Wesse MSFTModeratorSunday, January 25, 2009 11:32 AM
All Replies
Hi Robert, this forum is for software developers who are using the Open Protocol Specification documentation to assist them in developing systems, services, and applications. The Open Protocol Specifications can be found at: http://msdn2.microsoft.com/en-us/library/cc203350.aspx. Since your post does not appear to be related to the Open Protocol Specification documentation set we would appreciate it if you could try the 'SQL Server Security' forum at http://social.msdn.microsoft.com/forums/en-US/sqlsecurity/threads/ instead to find the information you are looking for. Thanks!
Your description of the problem implies a security issue; however, please note we also have a number of SharePoint forums listed on http://forums.microsoft.com/MSDN/default.aspx?siteid=1.
Regards,
Bill Wesse - MSFT
Escalation Engineer- Edited byAlex MorrillMSFT, ModeratorTuesday, January 27, 2009 11:42 PMremoved Windows reference - forum is for more general interoperability
- Proposed As Answer byBill Wesse MSFTModeratorSaturday, January 24, 2009 1:03 PM
- Marked As Answer byBill Wesse MSFTModeratorSaturday, January 24, 2009 1:03 PM
- Hi. Sorry for this. I was in another forum when I posted this, but it put it here. After restarting the browser, I was able to post to the correct forum.
RobertRFreeman Good morning Robert - no problem on the post. I would have been pleased to assist more, save that I don't have much direct experience with Sql security configuration.
Regards,
Bill Wesse - MSFT
Escalation Engineer- Marked As Answer byBill Wesse MSFTModeratorSunday, January 25, 2009 11:32 AM
