SQL Server 2019 Always On AG - DBEngine Service account locking

Occasional Visitor

I am having a strange issue and am hoping you guys might be able to help!

Problem: I have a 2 node SQL Server 2019 Availability Group Cluster utilising a FSW. Both nodes are using the same DBEngine Service account. and it's been working fine for quite some time.

Today I restarted the passive node DBEngine account . When the node came back up, it was no longer synchronising with node 1. The state of the replica was disconnected, and I could see lots of login failures on Node 1 (active node) SQL Logs.

I found that the DBEngine service account had locked. I had it unlocked, but it soon locked again.

Has anyone got any ideas? Any input would be greatly received!

Steps I tried:

created a new service account to rule out the account being used elsewhere, started both nodes under the new account.... account locked out when node 2 started

unlocked the account, stopped node 2. restarted node 1. Account fine... waited.. account still fine. Started node 2 service... account locked out.

recreated mirroring endpoints on both nodes and reapplied connect permissions to the dbengine service account. - this didn't fix it.

restarted both Servers.

removed the node 2 replica from the availability group, removed all databases (from node 2) and dropped the mirroring endpoint on node 2. restarted node 2 service. - at this point both nodes were happily running under the same service account.

tried re-adding node 2 as a replica using the wizard. It added it, backed up the database, restored to node 2, and got to the very last step where it connects it, and the password locked out again!

0 Replies