Interview Question of the Week #056 – How to fix Installation Failure – Rule “Setup account privileges” Failed in SQL Server

Sometimes in the interviews I observe that users are able to answer all the theoretical questions correct but when it is about doing practical they fail. A while ago, when I was helping a large organization with interview, suddenly their DBA reported that one of their server has installation error. We found this as a great opportunity to test a new candidate and gave him problem to solve. He was successfully able to solve the problem.

Question: How will you fix the installation failure error setup account privileges error in SQL Server?


When I clicked on “failed” hyperlink, here is the message.

Here is the text of the message.

Rule Check Result
Rule “Setup account privileges” failed.
The account that is running SQL Server Setup does not have one or all of the following rights: the right to back up files and directories, the right to manage auditing and the security log and the right to debug programs. To continue, use an account with both of these rights. For more information, see, and

I always look at setup logs to see the exact issue. I opened “SystemConfigurationCheck_Report.htm” and below is the failure.

Then I looked into “Detail.txt” and searched for “HasSecurityBackupAndDebugPrivilegesCheck” as shown in above screenshot. Failure is listed below.

(09) 2016-01-28 19:58:11 Slp: Initializing rule      : Setup account privileges
(09) 2016-01-28 19:58:11 Slp: Rule is will be executed  : True
(09) 2016-01-28 19:58:11 Slp: Init rule target object: Microsoft.SqlServer.Configuration.SetupExtension.FacetPrivilegeCheck
(09) 2016-01-28 19:58:11 Slp: Rule ‘HasSecurityBackupAndDebugPrivilegesCheck’ Result: Running process has SeSecurity privilege, has SeBackup privilege and does not have SeDebug privilege.
(09) 2016-01-28 19:58:11 Slp: Evaluating rule        : HasSecurityBackupAndDebugPrivilegesCheck
(09) 2016-01-28 19:58:11 Slp: Rule running on machine: PINALVM1
(09) 2016-01-28 19:58:11 Slp: Rule evaluation done   : Failed

As highlighted above, the account which was running setup was missing second one.

SeSecurity: Manage auditing and the security log

SeDebug: Debug Programs

SeBackup: Back up files and directories

To see the “Local Security Policy”, we can go to Start > Run > SecPol.msc or open it from Administrative Tools.

“Debug programs” doesn’t have any user. By default, “Administrators” group is part of it which was removed by me during some hardening. Once I added default account, I have to restart the computer to get forward from that error.

Reference: Pinal Dave (

MySQL, SQL Error Messages
Previous Post
SQL SERVER – Script level upgrade for database ‘master’ failed because upgrade step ‘sqlagent100_msdb_upgrade.sql’
Next Post
SQL SERVER 2016 – IF EXISTS Function on SQL Azure Databases and More

Related Posts

17 Comments. Leave new

  • Hi I’m not sure whether I’m posting in the right platform but I’m trying to calculate hours worked between 8 – 16:30 excluding weekends, after-hours, holidays, and lunch time. Was able to find help except for excluding lunch hours. How do I exclude lunch hours in my calculation.

  • When the steps above do not work what do you do?

  • On Windows Server 2012, I am not able to add or remove any group or user for the Debug Programs Policy. The two buttons are greyed out.

    • @Raj – that happens when they are controlled via group policy. You should contact you domain admin to make that changes.

  • Jim. if you are unable to Add the Permission, Skip the check by running setup from the command line as so :-

    Setup.exe /ACTION=Install /SkipRules=HasSecurityBackupAndDebugPrivilegesCheck

  • How do you run the setup from the command line? My manage auditing and security log is greyed out. Please help out

    • You can open command prompt, browse to folder which contains setup.exe and run below command

      Setup.exe /ACTION=Install /SkipRules=HasSecurityBackupAndDebugPrivilegesCheck

      I have not tested.

  • Shaik Azaz Ahamed
    April 3, 2017 6:55 pm

    i am unable to install sql 2012 and the error is “setup account privileges failed” and when itried to skind the rules through that above given command its not installing properly in between the installation getting error,please tell me any other alternative solution that i can install .

  • Shaik Azaz Ahamed
    April 3, 2017 7:09 pm

    Pinal Dave Please give me your email id that i can forward the error screen shot which i got after running that command”Setup.exe /ACTION=Install /SkipRules=HasSecurityBackupAndDebugPrivilegesCheck”

  • If it can help someone :
    I had to go out of the AD to be able to install sqlserver without debug rights.
    After that you can reintegrate the AD.

  • Why doesn’t the article complete the details? *HOW* do I continue to fix the problem???

  • Worked for me:

    press Win + R to open cmd.

    browse to the folder of the SQL instalation, in my case “C:\SQL2019\ExpressAdv_ENU” with this command:
    cd C:\SQL2019\ExpressAdv_ENU

    A new line will be created waiting for the command:
    Setup.exe /ACTION=Install /SkipRules=HasSecurityBackupAndDebugPrivilegesCheck

    Press enter, enjoy.


Leave a Reply

Exit mobile version