- Use the same account to run all SQL Server service for all node in the cluster.
- Account has Administrator permissions on all servers in node. Set in “Local Users and Groups”.
- Account has sysadmin SQL permission on all servers in node. Set in “Local Security Policy”.
- Account has log on as service policy on all servers in node. Set in “Local Security Policy”.
Always use SQL Server tools such as SQL Server Configuration Manager to change the account used by the SQL Server Database Engine or SQL Server Agent services, or to change the password for the account. In addition to changing the account name, SQL Server Configuration Manager performs additional configuration such as updating the Windows local security store which protects the service master key for the Database Engine. Other tools such as the Windows Services Control Manager can change the account name but do not change all the required settings.
After an account change, it will take a few minutes for the databases to re-sync back up. Databases may be in a different state other than “Synchronized” and Availability Group icon may be in a different state. Just wait a few minutes and the state of the database and availability group icon will correct itself.