This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 39%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Hi All ,
We are using the Kevin holamn's SQL run as addenddum management pack to enable SID's for SQL servers to use NT SERVICE\HealthService to avoid creating separate run as accounts to monitor SQL servers and its components.
https://kevinholman.com/2016/08/25/sql-mp-run-as-accounts-no-longer-required/
We have enabled the SID and SQL team has run the required SQL script from their end to grant the proiviliges to NT SERVICE\HealthService in the SQL server as mentioned in the Kevin blog.
But still we are receving the below error.
Error(s) was(were) occurred:
Message: [Error number: 916] The server principal "NT AUTHORITY\SYSTEM" is not able to access the database "XYZ" under the current security context.
Our DBA team does not understand why the SCOM tries to access/monitor database XYZ on Server\Instance ABC\wave with NT AUTHORITY\SYSTEM
The rights script has successfully granted rights to NT SERVICE\HealthService (as is used by the Run As Addendum MP from Kevin Holman) for SQL Server monitoring using Service SID.
According to our DBA team, server ABC.com has other Instances (containing databases) as well and even instance wave contains also other databases apart from database XYZ.
For these other instances and databases no alerts are being generated, so monitoring is fine for those.
So why is SCOM trying to access/monitor database XYZ on Server\Instance ABC\wave with NT AUTHORITY\SYSTEM instead of NT SERVICE\HealthService?
Can you please assist us.
Regards,
Ravi shankar
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 92%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EXM%3C/text%3E%3C/svg%3E)
Hi,
I will do a lab test for this issue and get back to you as soon as possible.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 22%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESR%3C/text%3E%3C/svg%3E)
Hi Xin,
Did get time to check on it.
Regards,
Ravi shankar
I'm doing the test, but it's not working out yet. Sorry.
Hi All,
Any one has idea why this is happening only for one instance on a DB server.
Ravi shankar
Hi
Not sure if you have resolved this yet - if you have it would be great if you could post the fix.
One thing to review is to manually check off that each requirement is in place. Sometimes scripts fail .. sometimes individuals forget to run them or target the wrong instance ... sometimes things just don't seem to do what they should. Given that it is just one box then there is something specific here and not a general issue with the scripts.
The fact that it is trying to run as local system suggests that the service sid hasn't been set correctly somewhere. Are you using the SQL agnostic management packs or a mix of SQL agnostic and "old style".
Kevin has further troubleshooting ideas at the bottom of his article - https://kevinholman.com/2016/08/25/sql-mp-run-as-accounts-no-longer-required/
Regards
Graham