Windows 2008 Role Services for MOSS 2007 Part 2

Make sure your Database Access account is an admin on the central administration server, otherwise you’ll get access denied errors when trying to create new web applications.  This is because the db access account won’t have the ability to edit the metabase.  Oh, and this bubble up by MOSS saying that you, the logged in user doesn’t have access, which is completely inaccurate, especially since I was a Farm Administrator.  In addition you’ll see the error message listed below in the Application event logs.

Log Name:    Application
Source:      ASP.NET 2.0.50727.0
Date:      3/18/2008 10:58:42 AM
Event ID:    1309
Task Category: Web Event
Level:      Warning
Keywords:    Classic
User:      N/A

Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 3/18/2008 10:58:42 AM
Event time (UTC): 3/18/2008 3:58:42 PM
Event ID: c59d97a1bbf8405cba1d837292259be4
Event sequence: 4767
Event occurrence: 8
Event detail code: 0
Application information:
  Application domain: /LM/W3SVC/236168797/ROOT-1-128503227503346172
  Trust level: WSS_Minimal
  Application Virtual Path: /
  Application Path: C:inetpubwwwrootwssVirtualDirectories37466
  Machine name:

Process information:
  Process ID: 3720
  Process name: w3wp.exe
  Account name:

Exception information:
  Exception type: COMException
  Exception message: Access is denied.

Request information:
  Request URL: http://

  Request path: /_admin/extendvs.aspx
  User host address: fe80::e48a:75aa:9034:9106WSS_Minimal

  Is authenticated: True
  Authentication Type: NTLM
  Thread account name:

Thread information:
  Thread ID: 9
  Thread account name:

  Is impersonating: False
  Stack trace:  at Microsoft.SharePoint.Utilities.SPUtility.HandleAccessDenied(Exception ex)
  at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.HandleAccessDenied(Exception ex)
  at Microsoft.SharePoint.ApplicationRuntime.BaseApplication.Application_Error(HttpApplication app)
  at Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.ErrorAppHandler(Object oSender, EventArgs ea)
  at System.Web.HttpApplication.RaiseOnError()

I hate having service accounts admins on boxes.