Installing Acumatica Locally on a Windows 10 Machine
Wanted to share how I overcame a recent permissions issue when installing Acumatica locally on my Windows 10 laptop. My mission was just to do a local install for my own learning and testing but it turned into this little puzzle. I blogged the whole thing here (including how I smashed my laptop screen because I love my bike too much) but here is the long & short of it:
At the end of the installation wizard, I kept getting a "Call Stack Error" - a little terse. Here's a recording of the config options I chose: https://www.dropbox.com/s/u93bndqe67hs262/AcumaticaInstall02.mp4?dl=0
Checking the install logs I saw this same error, even when I would try a few different variations on the install:
CREATE FILE encountered operating system error 5(Access is denied.) while attempting to open or create the physical file ‘[…]\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\SQL_Logs\AcumaticaLocal_log.ldf’.
CREATE DATABASE failed. Some file names listed could not be created. Check related errors.
I did some research and reckoned that the issue was related to rights to create files on my local machine. The path identified in the logs was “owned” by “Trusted Installer” user, which was the root cause of my problem. So, how could I open up security so that the Acumatica installation media had “rights” to do the install within the Program Files folder? I talked to the Acumatica support desk on this and they suggested trying to change the "owner" of the folder. I did try this, and attempted to add the “everyone” group to C:\Program Files, apply to all files and sub folders, and re-try installing Acumatica locally. But there were rights on this Windows 10 machine that were not allowing me to gain control of the folder.
I consistently would get "Failed to enumerate objects in the container. Access is denied" error when trying to change folder security, even as a local admin of the machine.
Anyway, short of hacking the registry I didn't see how I was going to get around this security issue.
Finally, I decided to go a different route. Since the errors being thrown in the logs were related to the installation being unable to create database files in the Microsoft SQL Server directory, I decided to change the default installation location of database backups, data and logs within SQL Server Management Studio. I changed the default location to a new folder that I created and owned. Since I could control the rights to the default location of the relevant database data, the installer had no issue. Once I did this, the installation went perfectly.
This seems to be an issue related to increased security around Windows 10, so might be pretty specific to this scenario of installing locally for your own use. Just wanted to share in case other people encounter this.
Love your detail and am grateful for your sharing.
When installing SQL, we learned a long time ago to move the installation directory and/or the storage location for files, logs, and backups to their own folder, preferably just off the root of a drive. It makes managing the storage location easier, ensures you don't have to deal with intrinsic security settings inherited from a parent directory, and gives you much easier access to the folder. Sometimes you do things for so long, one just takes it for granted.
I'm sorry you had to travel the path. I hope your laptop gets better soon!
Thought I would pipe in here! I think pegging this as a Windows 10 issue or an Acumatica issue can be troublesome, since the real issue is with the MS SQL Server configuration. You made the 100% best choice when you moved the default Data/Log file locations to new folders. DB rule of thumb always wants Data and Log to be on separate drives, and those drives again being separate from the OS. This configuration is not always possible on dev machine, but if you are running on spinning disks and not SSDs, you should at least try to pop the Data and Log onto drives away from OS/IIS for performance reasons.
At its core, this problem is a permission issue. The MS SQL server Service is running under specific set of credentials which you can control using the SQL Configuration Manager. By default, it will create a login NT Service\MSSQLSERVER when installing and use this. If this login does not have high enough permissions to the directory of your default Data and Log locations (I think this is the case on default installations?), it will not be able to create the DB and you will get the CREATE FILE access denied error. You can usually correct this by using Window's securities tab, but only if your login has permissions to do that. If you do not, but you are admin on your machine, you can (in normal circumstances) force control by taking Ownership of the folder. (@arline-welty, I know in your blog you said you could not get this to work. This can happen if you do not click the "Replace child permissions" checkbox. But, it can also happen if there is an issue with disk corruption. chkdsk /f tool can usually resolve this.)
Once you own the folder, you can add the service's login with better permissions. When adding the user, you want to shift from your domain to the local computer by using the Locations button and picking your computer. You will need to type in NT Services\MSSQLSERVER, then click Check Names (Pick MSSQLSERVER from the list if prompted). Once you pick your permission, you can check the "Replace child permissions" to force ownership(I think..) and inheritance to trickle down to file contents.
Hope this helps someone tackle folder permissions in the future!
If you don't want to deal with that crazyness or have a stuborn folder, you are probably better off changing server properties in SSMS. After connecting, Right Click on server -> Properties and update Database Settings default locations: