Wednesday, November 19, 2025

Fixing MSSQL Service Startup Failure After Reboot: Logon Failure & Group Policy (GPO) Solution

Introduction
Have you ever rebooted a server only to find your MSSQL service refuses to start? If you’ve encountered Event Viewer errors about logon failure, especially relating to “NT Service\MSSQL<InstanceName>,” you’re not alone. This post explains the issue, why it occurs—especially in domain environments—and how to fix it with a verified Group Policy tweak.

Symptoms and Error Messages

  • The Issue:
    MSSQL service fails to start automatically after a server reboot.

  • Virtual Account:
    MSSQL<InstanceName>

  • Domain Account:
    NT Service\MSSQL<InstanceName>

  • Service Start Error:

    text
    Windows could not start the SQL Server <ServerName> service on Local Computer.
Error 1069: The service did not start due to a logon failure.

  • Event Viewer Message:

    The "<Virtual account>" is unable to login as <Domain account> with the currently configured password due to the following reason:
    Logon failure, the user hasn't been granted the requested logon type at the computer.

  • Root Cause:
    The service account does not have the required user right “Log on as a service.”

Why This Happens

  • This error is not expected on non-domain laptops or desktop.

  • The problem usually occurs on domain-joined servers where Group Policy Objects (GPOs) override local security settings.

  • MSSQL’s virtual account must be explicitly granted “Log on as a service” rights in GPO, otherwise the service cannot start after a reboot.

How to Fix the Problem (Verified Solution)

  1. Update Your Group Policy:

    • In your “Log on as a service” user rights assignment, add
      NT Service\MSSQL<InstanceName>

    • This explicitly gives the MSSQL virtual account permission to start as a service.

  2. Quick Admin Tip:

    • If AD administrators run into trouble adding specific virtual accounts, it’s easiest to add
      NT SERVICE\ALL SERVICES
      to the “Log on as a service” policy.

    • Important:
      You won’t find “NT SERVICE\ALL SERVICES” in the account picker—just type it in manually and apply.

  3. Verification:

    • Once added, MSSQL services should start normally after reboot. This fix is tested and confirmed.

Conclusion
Troubleshooting MSSQL startup failures can be tricky in domain environments, but giving virtual service accounts the necessary logon permissions via GPO resolves the issue quickly. Remember this tip next time you face logon failure after a server reboot!


Refer: https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-windows-service-accounts-and-permissions?view=sql-server-ver17#windows-privileges-and-rights


Thanks.

at
Labels: , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Ingest csv data into Apache Iceberg using spark notebook

  Objective: Ingest csv data into Apache Iceberg using spark notebook Steps: 1. Start our VM 2. start our docker containers cd /opt/de [root...