Hello everyone. I’m Reagan Templin, a new writer on the SharePoint Server IT Pro team. Recently I’ve been working on getting my test environment set up with SharePoint Server 2010 for the first time. I have my SQL Server computer separate from my SharePoint Server computer, and as I ran the SharePoint Products Configuration Wizard, I encountered the following blocking error on the Specify Configuration Database Settings page:
“Cannot connect to database master at SQL Server at <server_name>. The database might not exist, or the current user does not have permission to connect to it.”
This error generally means that the account you’re using to configure SharePoint does not have adequate permissions to connect to the SQL Server computer and complete the configuration. I went back to the SQL Server computer and verified that my SharePoint administrator account had the correct server roles assigned, and that the master database existed. I also verified that I had logged into the SharePoint Server computer with the SharePoint administrator account, so the configuration should have been able to continue. However, configuration was still unable to continue, so I spent some time troubleshooting what else might be wrong. Ultimately, it was a firewall issue blocking access to the port for the instance of SQL Server Database Engine.
The following is a summary of what I had done to configure the environment and what I did to resolve the error. Hopefully this can help others who may encounter the same error.
Created Virtual Machines
For this exercise, I’m using Hyper-V to host virtual machines. I created two new virtual machines: one for my SQL Server computer and one for my SharePoint Server computer. I installed Windows Server 2008 R2 Enterprise edition (64-bit) for both computers. I activated Windows, installed updates, and joined them to my test domain, contoso. I then took Hyper-V snapshots to preserve the images prior to any other installations or configuration.
Configured Accounts and Permissions
I followed the information in “Administrative and service accounts required for initial deployment (SharePoint Server 2010)” (http://technet.microsoft.com/en-us/library/ee662513.aspx) and “Least Privilege Service Accounts for SharePoint 2010” (http://www.sharepointproconnections.com/article/sharepoint/Least-Privilege-Service-Accounts-for-SharePoint-2010.aspx) to set up the correct accounts in the domain, and to grant those accounts the recommended access for least-privilege administration in the environment.
Based on that information, I set up the following domain accounts in Active Directory Domain Services on the Domain Controller computer:
contosoreagant – my personal domain account. This is the account that I use to log into the SQL Server computer to install and configure it. This account is a member of the local Administrators group on the SQL Server computer in addition to being part of the contoso domain.
contosoSQLsvc – my SQL Server service account. This is the account I specify for the MSSQLSERVER service and SQL Server Agent service during SQL Server installation.
contosoSPadmin – my SharePoint administrator account. This is the account that I use to login to the SharePoint Server computer to install and configure SharePoint Server 2010. This account is a member of the local Administrators group on the SharePoint Server computer. In SQL Server, it is also a login in SQL Server with dbcreator and securityadmin server roles, which enables the SharePoint Products Configuration Wizard to run and configure SharePoint.
contosoSPfarm – my SharePoint farm account. This is the account I specify as the SharePoint farm administrator (also referred to as the database access account) on the Specify Configuration Database Settings page of the SharePoint Products Configuration wizard.
Installed and Configured SQL Server 2008 R2
I logged into the SQL Server computer as reagant and installed SQL Server 2008 R2. For the MSSQLSERVER and SQL Server Agent services, I provided the SQLsvc domain account credentials, and added my reagant account as an administrator for SQL Server Database Engine. I then completed the SQL Server Setup process.
Following SQL Server Setup, I opened SQL Server Management Studio and connected to the default instance of SQL Server Database Engine. I created a login in SQL Server for the SPadmin domain account, and granted it access to the dbcreator and securityadmin server roles. I then closed Management Studio.
Installed SharePoint Server 2010
I logged into the SharePoint Server computer as SPadmin and installed the SharePoint Server 2010 pre-requisites and ran SharePoint Server 2010 Setup.
Ran SharePoint Products Configuration Wizard
Following SharePoint Server 2010 Setup, I ran the SharePoint Products Configuration Wizard. I selected the option to create a new server farm. On the Specify Configuration Database Settings page, I specified the SQL Server computer name, a name for the configuration database, and the SPfarm domain account credentials. However, when I clicked Next, I received the error: “Cannot connect to database master at SQL Server at <server_name>. The database might not exist, or the current user does not have permission to connect to it.”
I went back and verified that I had a successful SQL Server installation and that my accounts and permissions were configured correctly. After some trial and error, I remembered an issue I’d had with another product where the Windows Firewall on the SQL Server computer was blocking traffic to the port that the instance of SQL Server Database Engine runs on. By default SQL Server runs on port 1433, and in my simple test environment I had left it to run on that default port. On the SQL Server computer, I opened Windows Firewall with Advanced Services and added an inbound rule to allow traffic over port 1433. If you do not use the default port, create an inbound rule for the port you use in your environment.
When I went back to run the SharePoint Products Configuration wizard, I no longer encountered the error message and configuration was able to continue. For more information about configuring the Windows Firewall for SQL Server, see “How to: Configure a Windows Firewall for Database Engine Access” (http://technet.microsoft.com/en-us/library/ms175043.aspx).