Sign in with Microsoft
Sign in or create an account.
Hello,
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

Symptoms

When the creation of service master key for Microsoft SQL Server 2012 or SQL Server 2014 fails during the setup, SQL Server doesn’t log this failure correctly. This leads to some issues, for example, when you try to configure SQL Server replication, you receive the following error message:

An error occurred during decryption. There is no remote user 'distributor_admin' mapped to local user '(null)' from the remote server 'repl_distributor'. Changed database context to 'master'. (Microsoft SQL Server, Error: 15466)


When you try to create a linked server together with remote logins, you encounter the error:

An error occurred during decryption


Additionally, you may receive the following error message in SQL Server error log:

<Date> <Time> spid5s Service Master Key could not be decrypted using one of its encryptions. See sys.key_encryptions for details.


When you query the catalog view sys.symmetric_keys, one row for the service master key is returned. When you query the catalog view sys.key_encryptions, no row is returned. The expected result is two rows.

Resolution

After you apply this update, the metadata will be left clean if the service master key creation failure occurs during the setup, and the next SQL Server service restart will try to create a service master key again. Additionally, more error messages about the service master key creation failure will be logged in the error log.

Note

  • If you have encountered this issue, this update won't work, and you have to use one of the workarounds listed in the "Workaround" section.

  • In order to use the changes in this cumulative update, you have to install SQL Server by using the Product Update feature and perform a slipstreamed install with RTM + SP + CU.


The issue was first fixed in the following cumulative update of SQL Server:

Each new cumulative update for SQL Server contains all the hotfixes and all the security fixes that were included with the previous cumulative update. We recommend that you download and install the latest cumulative updates for SQL Server:


Workaround

If you already have the problem situation, you can do one of the followings:

  • Regenerate the service master key by using the following Transact-SQL statement:

    ALTER SERVICE MASTER KEY FORCE REGENERATE

  • Reinstall the instance of SQL Server.

If you are encountering the problem during installing SQL Server, you can follow these steps before you install SQL Server:

  • Restart the operating system.

  • Log on to the RDP session by using the SQL Server service account.

  • Wait for several minutes and then log off after the user profile is created completely.

  • Start SQL Server setup after a few minutes.

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

Facebook LinkedIn Email
SUBSCRIBE RSS FEEDS

Need more help?

Want more options?

Discover Community

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Ask the Microsoft Community

Microsoft Tech Community

Windows Insiders

Microsoft 365 Insiders

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!

×