| Puppet Version: 7.6.0
Puppet Server Version: 2021.1
OS Name/Version: Primary RHEL8 & Agent(issues) Windows Server 2019 The customer is having issues with running MSSQL service by passing `logonaccount` parameters. Error: Failed to apply catalog: Parameter logonpassword failed on Service[MSSQLSERVER]: Failed to update service configuration: The account name is invalid or does not exist, or the password is invalid for the account name specified. (file: /etc/puppetlabs/code/modules/profiles/manifests/windows/mssql.pp, line: 32) The customer has tried to insert different combinations of LogonAccount (also trying to pass full path): 1. PILOT\rma_sql_svc
2. PILOT
rma_sql_svc
3. pilot.usda.lab\rma_sql_svc
4. pilot.usda.lab
rma_sql_svc
6. rma_s...@pilot.usda.lab Code snippet: service {'MSSQLSERVER':
logonaccount => 'pilot.usda.lab
rma_sql_svc',
logonpassword => 'Password1234', #sensitive
ensure => 'running'} **The puppet service account was given both Domain administrator and local administrator rights and nothing has worked. One of our engineers has managed to create a workaround and stated: "We added debug logs and the conclusion is that the error comes from Windows API and probably is caused by the way the MSSQLSERVER services are defined(maybe they are protected?), since we are not setting specifically the logon account on the respective API request." Desired Behavior: Run the MSSQL with a specific account. Actual Behavior: Windows API and MSSQLSERVER possibly have different ways of communicating and setting the accounts, which means that the current implementation of LogonAccount won't work for this specific service. Workaround applied: the direction was to use exec resource with unless parameter that will apply exec resource only if unless script return value is not 0. A bug was raised under: https://tickets.puppetlabs.com/browse/PUP-11121 More information from the customer ticket: https://puppetlabs.zendesk.com/agent/tickets/44707 |
