What does recover the service master key mean?

Fbhyyta 1 Reputation point
2022-08-24T14:29:00.257+00:00

Link: https://learn.microsoft.com/en-us/sql/t-sql/statements/alter-service-master-key-transact-sql?view=sql-server-ver16#_changing

If the computer is rebuilt, the same domain user that was previously used by the service account can recover the service master key.

In the above quote, does recover mean be able to decrypt or be able to execute the restore from backup SMK?


2 answers

  1. Erland Sommarskog 107.2K Reputation points
    2022-08-24T21:51:09.427+00:00

    I take it that it means decrypt. Further below it says:

    If you move SQL to another machine, then you have to use the same service account to decrypt the SMK - SQL Server will fix the Machine account encryption automatically.


  2. PandaPan-MSFT 1,911 Reputation points
    2022-08-25T05:28:00.827+00:00

    Hi @Fbhyyta,
    I agree with @Erland Sommarskog, and I also think that the sentence means decrypt, because when restoring the service master key, SQL Server decrypts all keys and secrets that have been encrypted with the current service master key, and then encrypts them with the service master key loaded from the backup archive. If any of the decryption fails, the restore fails. You can take advantage of the FORCE option to omit errors, but this option causes all data that cannot be decrypted to be lost. The quote doesn’t mention anything about the consequence of failure. So I take it as decrypt.

    Best regards


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment"
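
The two operations the question contrasts, shown side by side as an added example (not part of the thread or of the linked documentation). The file path and password are placeholders, and the inventory queries assume you have permission to read the `master` catalog views.

```sql
-- Added example. '<backup-path>' and '<strong-password>' are placeholders.
USE master;

-- 1. Inventory what depends on the service master key (SMK) before a rebuild.
SELECT name, algorithm_desc, create_date, modify_date
FROM sys.symmetric_keys
WHERE name = N'##MS_ServiceMasterKey##';

-- Databases whose database master key is also encrypted by the SMK.
SELECT name
FROM sys.databases
WHERE is_master_key_encrypted_by_server = 1;

-- Credentials and linked servers: their stored secrets are protected by the SMK.
SELECT name, credential_identity FROM sys.credentials;
SELECT name, product, provider FROM sys.servers WHERE is_linked = 1;

-- 2. "Restore from backup" path: take the backup while the SMK is still usable
--    and store the file and password away from the server.
BACKUP SERVICE MASTER KEY
    TO FILE = N'<backup-path>\smk.bak'
    ENCRYPTION BY PASSWORD = N'<strong-password>';

-- 3. "Decrypt" path (the reading given in both answers): if the service runs
--    under the same domain account after the rebuild or move, the instance can
--    decrypt the existing SMK with that account and no RESTORE is involved.

-- 4. If the instance cannot decrypt the SMK, load it from the backup.
--    Run without FORCE first: the restore fails if any dependent secret
--    cannot be decrypted, which tells you something would be lost.
RESTORE SERVICE MASTER KEY
    FROM FILE = N'<backup-path>\smk.bak'
    DECRYPTION BY PASSWORD = N'<strong-password>';

-- Last resort only: FORCE continues past decryption errors, and every secret
-- that could not be decrypted is lost.
-- RESTORE SERVICE MASTER KEY
--     FROM FILE = N'<backup-path>\smk.bak'
--     DECRYPTION BY PASSWORD = N'<strong-password>' FORCE;
```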