Using Local account for setting HA SQL Always ON

Urbel 665 Reputation points
2026-07-03T06:53:01.38+00:00

Hi expert,

I use NT Service\MSSQL$MySQL account to running SQL Service then i've got error on SQL err log;

"..Database mirroring login attempt by user [Domain\Node1$] failed with error; Handshake failed with login [Domain\Node1$] does have no CONNECT permission on endpoint.."

I've set all but still error but if use Domain\domainAccount works fine

is it possible use Local account for setting SQL Always ON?

great thanks for all

warm regards,

UrBel

SQL Server Database Engine
0 comments No comments

1 answer

Sort by: Most helpful
  1. Erland Sommarskog 135.3K Reputation points MVP Volunteer Moderator
    2026-07-03T09:23:42.9433333+00:00

    It is possible to use local managed service accounts to set up an Availability Group. It's a little easier if all instances in the AG have the same service account, which is the case if you have domain account or a gMSA. With local accounts, each instance has its own local account.

    The way to go is to use certificates. I have done this myself at home, but rather sharing my own amateur scripts, I found this blog post from my MVP colleague Warwick Rudd: https://sqlmastersconsulting.com.au/configuring-availability-groups-to-use-certificates/ He talks about this in the context of an AG outside a domain, but the technique is valid in a domain as well.

    Was this answer helpful?

    0 comments No comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.