How to use Procmon to troubleshoot a SQL Server permissions problem in either the filesystem or registry
SQL Server needs to be able to read certain registry keys and/or you suspect that a problem is related to permissions in either the registry or the filesystem. How do you troubleshoot this? With Procmon:
1. Download the process monitoring tool (Procmon.exe): http://download.sysinternals.com/Files/ProcessMonitor.zip
2. Unzip the file on machine that faces the issue and run procmon.exe. Press “Ctrl-E” to stop capturing events.
3. Press “Ctrl-L” to open the Filter dialog box. Add filter(s) for the process(es) you want to monitor (e.g. only for sqlservr.exe):
Choose Process Name, is, sqlservr.exe, Include and then click the Add button
4. After adding the filter(s), clear the screen in procmon by pressing “Ctrl-X”.
5. Start capturing data by pressing “Ctrl-E”
6. Reproduce the issue (i.e. cause the problem to occur again)
7. Return to procmon, stop capture and save file with PML format and only filtered events.
Analyzing this trace file for access denied events or sometimes for missing registry keys usually shows where the problem occured.
