1

I am attempting to install SQL Server 2014 Standard edition on a new Windows Server 2016 set up as a domain controller that replaces a retired DC. (I know it's not recommended, but we are a small operation and have combined Windows Server domain controllers and SQL Server without problem for years. Performance has been fine on our small LAN.) All prerequisite checks pass except for the warning about installing on a DC. Service accounts are set to domain user accounts with sufficient privileges. SQL Server Setup gets near the end and throws this error as shown in the Summary Setup Log:

Feature: Database Engine Services

Status: Failed: see logs for details

Reason for failure: An error occurred during the setup process of the feature.

Next Step: Use the following information to resolve the error, uninstall this feature, and then run the setup process again.

Component name: SQL Server Database Engine Services Instance Features

Component error code: 0x84BB0001

Error description: A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: SSL Provider, error: 0 - The token supplied to the function is invalid)

The error help link displayed after this just takes me to a main Microsoft page, not any help text.

Our existing DC runs Windows Server 2008 R2 and SQL Server 2005 Standard. We have no connections to the SQL Server outside our LAN and are not running IIS or any web services on the servers. I am not sure where to start diagnosing and correcting this setup error. For example, do we need to install a certificate on our DCs? Can it be a self-signed certificate, since we are making connections to SQL Server only on our LAN? Can we use something like OpenSSL?

Community
  • 1
  • Just a thought. Make sure that TLS 1.0 and 1.1 are enabled. We saw something similar that kept the install from working when we disabled TLS 1.0 and 1.1 on our SQL servers. If both are enabled, you may need to enable some of the weaker ciphers. Sounds strange, but with both disabled, we were not able to install SQL 2014 on a Win2016 server... – Shane Dovers Feb 10 '19 at 19:29

1 Answers1

0

Thanks. I took the advice to enable TLS 1.0 and 1.1 among others on our DCs along with some weaker ciphers. That did not correct the problem. I finally succeeded in installing SQL Server 2014 leaving the default service accounts in place. Then I fiddled later with attempting to change them to domain accounts. For the SQL Server service itself, I had to leave it with the default virtual account "NT Service\MSSQL$" in order to connect to the server in SSMS. While searching I learned about "Managed Service Accounts" as an alternative. Since we are at functional level Windows Server 2008 R2, I set up a managed service account for SQL Server according to guidelines in https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd560633%28v%3dws.10%29 and related articles like https://www.mssqltips.com/sqlservertip/5334/using-managed-service-accounts-with-sql-server/. All other services (Agent, Integration, Analysis, etc.) run OK using a regular domain user account, but the SQL Server service uses the managed service account. More testing is required, but for now this answers my initial post above about SQL Server setup failing.

Brett
  • 1