SQL Server Q&A

Symptoms
If the Certificate Server is installed on a Microsoft Windows 2000 computer and the Certificate Authority (CA) name is the same as or starts with the machine host name, an attempt to connect to SQL Server 2000 fails.
The following error message appears when you try to connect from SQL Server Query Analyzer:

Unable to connect to server. Server msg 18, level 16, state 1. [Microsoft] [ODBC SQL Server Driver} [Shared Memory] SSL security error The following error message appears when you try to connect from SQL Enterprise Manager:

Unable to connect to server. Reason: SSL security error. ConnectionOpen (SECDoClientHandShake())… The SQLServerAgent service also fails with the following error message:

Could not start SQLserverAgent Service on local computer. The service did not return an error. This could be an internal Windows error or an internal service error. If this error persists, contact your system administrator. Due to the same connectivity errors indicated previously, an attempt to install Microsoft SQL Server 2000 may also fail.
If you attempt the Microsoft SQL Server installation on a computer on which the Certificate Server and the Certificate Authority(CA) name is the same name as or starts with the machine host name, the SQL Server installation on that computer may fail at the configuration stage. During the configuration stage of the installation process, the setup program makes a connection to SQL Server.
This problem applies to any edition of Microsoft SQL Server, including the Microsoft Desktop Engine (MSDE) installation.
The Microsoft SQL Server installation may fail with the following error message:

Setup failed to configure the server. Refer to the server error logs and C:\WINNT\sqlstp.log for more information. If the error message occurs, SQL Server writes the following information in the Cnfgsvr.out file located in the SQL Server Install subfolder:

###############################################################################Starting Service …SQL_Latin1_General_CP1_CI_AS-m -Q -T4022 -T3659Connecting to Server …driver={sql server};server=Instance_Name;UID=<username>;PWD=<strong password>;database=master[Microsoft][ODBC SQL Server Driver][Shared Memory]SSL Security error[Microsoft][ODBC SQL Server Driver][Shared Memory]ConnectionOpen (SECDoClientHandshake()).driver={sql server};server=ORLANDO;UID=<username>;PWD=<strong password>;database=master[Microsoft][ODBC SQL Server Driver][Shared Memory]SSL Security error[Microsoft][ODBC SQL Server Driver][Shared Memory]ConnectionOpen (SECDoClientHandshake()).driver={sql server};server=ORLANDO;UID=<username>;PWD=<strong password>;database=master[Microsoft][ODBC SQL Server Driver][Shared Memory]SSL Security error[Microsoft][ODBC SQL Server Driver][Shared Memory]ConnectionOpen (SECDoClientHandshake()).SQL Server configuration failed.###############################################################################
By default, the Microsoft SQL Server Desktop Engine setup does not generate a Cnfgsvr.out file. The setup program may fail to configure SQL Server and the following error message may appear:

Setup failed to configure the server. Refer to the server error logs and setup error logs for more information. However, note that a configuration failure can occur due to reasons other than the one described in this article.
Resolution
The Certificate Authority (CA) name of the Certificate Server is critical when you have SQL Server 2000 on the same host. When SQL Server 2000 starts and finds a certificate with the same machine name as the subject, SQL Server tries to use it for encryption, even though it is not a valid SQL Server encryption certificate. Therefore, any attempt to connect to that SQL Server computer fails with the error shown in the “Symptoms” section.
The removal of the Certificate Server from the Microsoft Windows 2000 server does not remove the Certification Authority keys. The previously installed keys still affect the computer that is running SQL Server.

Symptoms
Microsoft SQL Server does not support the installation or use of SQL Server Failover Clustering on Microsoft Windows Server 2003-based server clusters or on Windows Server 2008-based server clusters if the server clusters have Terminal Server installed. This configuration was known as Application Mode in Microsoft Windows 2000. However, SQL Server 2000 instance installation is supported as a stand-alone instance for Windows Server 2003 or Windows Server 2008 Terminal Services Mode (Application Mode).
For Windows Server 2003 or Windows Server 2008 Terminal Server Remote Desktop for Administration Mode, SQL Server 2000 installation is fully supported as both a clustered instance and a stand-alone instance.
Note Cluster instances for the versions of SQL Server that are listed in the “Applies To” section are currently not supported on Windows Server 2003 or Windows Server 2008 Terminal Server Server Cluster installations.
Resolution
Terminal Server provides remote computers with access to Windows-based programs running on the following systems:Windows Server 2003 Standard Server Windows Server 2003 Enterprise Server Windows Server 2003 Datacenter ServerWindows Server 2008 Standard Server Windows Server 2008 Enterprise Server Windows Server 2008 Datacenter ServerWith Terminal Server, you can provide a single point of installation that gives multiple users access to any computer that is running one of the operating systems listed earlier. Users can run programs, save files, and use network resources, all from a remote location as if these resources were installed on their own computers. This functionality is now available on server clusters in Windows Server 2003.
Remote Desktop for Administration is another part of the Terminal Services technology that is offered in Windows Server 2003 or in Windows Server 2008. You can enable remote administration of servers with Remote Desktop for Administration on any computer that is running the Windows Server 2003 or Windows Server 2008 family of products, even if Terminal Server is not installed.
Note In Microsoft Windows 2000 Server, the Terminal Server component is named Terminal Services in Application Server mode. In Microsoft Windows 2000 Server, the Remote Desktop for Administration component is named Terminal Services in Remote Administration mode.
To determine whether the Terminal Server service is running on the computer, follow these steps:Open Control Panel.Double-click Add/Remove Programs.On the left side of the screen, double click Add/Remove Windows Components.Under Components, scroll down the list until you find Terminal Server. If Terminal Server is not selected, the service that is running is the “Remote Desktop” service and you can continue with your SQL Server installation. If Terminal Server is selected, you must clear the check box to remove the Terminal Server service in the application before you continue with the SQL Server installation.For more information about the supportability of SQL Server failover clusters on Windows Server 2003 clusters, click the following article number to view the article in the Microsoft Knowledge Base:
313037?(http://support.microsoft.com/kb/313037/) Upgrading SQL Server clusters to Windows Server 2003
Example log behavior if Terminal Server is installedIf Windows Server 2003 Terminal Server is installed and you try to install SQL Server, no log files exist in the %windir% folder. However, the log files are stored in the %userprofile%\Windows folder. When you check the log files and you compare the log to the system variables, you see results that are similar to the following in the Sqlstp.log file:

19:41:44 Begin Action: SetupInstall19:41:44 Reading Software\Microsoft\Windows\CurrentVersion\CommonFilesDir …19:41:44 CommonFilesDir=C:\Program Files\Common Files19:41:44 Windows Directory=C:\Documents and Settings\&lt;user_name&gt;\WINDOWS\ 19:41:44 Program Files=C:\Program Files\19:41:44 TEMPDIR=C:\DOCUME~1\<user_nam~1>\LOCALS~1\Temp\1\From system variables – USERPROFILE=C:\Documents and Settings\<user_name> windir=C:\WINDOWSNote This example does not apply to servers that are running Windows 2003 Service Pack 1 (SP1) or a later version. We recommend that youcheck manuallyfor a Windows directory in the %USERPROFILE% directory.