Skip to main content

The default service accounts in SQL Server 2012 (NT Service\MSSQLServer, NT Service\SQLSERVERAGENT)

The default service accounts in SQL Server 2012 (NT Service\MSSQLServer, NT Service\SQLSERVERAGENT)
Few days back I realised that Microsoft had added few service account to Windows 7 and Windows Server R2 to support SQL server 2012. When SQL server 2012 is installed the accounts (NT Service\MSSQLServer, NT Service\SQLSERVERAGENT)  are created under the cover to as the default SQL service accounts  for the SQL Server service and SQL server agent service respectively.
These accounts are called virtual account for windows. Unlike the traditional windows accounts they can’t be used to log into any environment as they work  below the authentication layer of windows and does not have a password.
Virtual accounts in Windows Server 2008 R2 are managed local accounts that provide simplified service management. The virtual account is auto-managed and has limited access to the network in a domain environment. However Virtual accounts cannot be used in certain scenarios, particularly for failover cluster instances due to limitations on the Virtual account.

You can find further details on the possible limitation when assigning MSA(Managed Service Account) and virtual accounts for SQL SERVER Service in the security note on the following


Popular posts from this blog

Create a dacpac To Compare Schema Differences

It's been some time since i added anything to the blog and a lot has happened in the last few months.
I have run into many number of challenging stuff at Xero and spread my self to learn new things.

As a start i want to share a situation where I used a dacpac to compare the differences of a database schema's.
- This involves of creating the two dacpacs for the different databases
- Comparing the two dacpacs and generating a report to know the exact differences
- Generate a script that would have all the changes

How to generate a dacbpac
The easiest way to create a dacpac for a database is through management studio ( right click on the databae --> task --> Extract data-tier-application). This will work under most cases but will error out when the database has difffrent settings. ie. if CDC is enabled

To work around this blocker, you need to use command line to send the extra parameters. Bellow is the command used to generate the dacpac.