Skip to main content

The default service accounts in SQL Server 2012 (NT Service\MSSQLServer, NT Service\SQLSERVERAGENT)





The default service accounts in SQL Server 2012 (NT Service\MSSQLServer, NT Service\SQLSERVERAGENT)
Few days back I realised that Microsoft had added few service account to Windows 7 and Windows Server R2 to support SQL server 2012. When SQL server 2012 is installed the accounts (NT Service\MSSQLServer, NT Service\SQLSERVERAGENT)  are created under the cover to as the default SQL service accounts  for the SQL Server service and SQL server agent service respectively.
These accounts are called virtual account for windows. Unlike the traditional windows accounts they can’t be used to log into any environment as they work  below the authentication layer of windows and does not have a password.
Virtual accounts in Windows Server 2008 R2 are managed local accounts that provide simplified service management. The virtual account is auto-managed and has limited access to the network in a domain environment. However Virtual accounts cannot be used in certain scenarios, particularly for failover cluster instances due to limitations on the Virtual account.

You can find further details on the possible limitation when assigning MSA(Managed Service Account) and virtual accounts for SQL SERVER Service in the security note on the following
link http://msdn.microsoft.com/en-us/library/ms143504%28SQL.110%29.aspx

Comments

Post a Comment

Popular posts from this blog

How To Execute A SQL Job Remotely

One of the clients needed its users to remotely execute a SQL job and as usual I picked this up hoping for a quick brownie point. Sure enough there was a catch and there was something to learn. Executing the job through SQLCMD was a no-brainer but getting it to execute on the remote machine was bit of challenge. On the coding Front 1    1.)     The bat file included the following code                 SQLCMD -S "[ServerName] " -E -Q "EXEC MSDB.dbo.sp_start_job @Job_Name = ' '[JobName]" 2    2.)     The Individual users were given minimum permissions  to execute the SQL job Ex. use msdb EXECUTE sp_addrolemember @rolename = 'SQLAgentOperatorRole', @membername = ' Domain\UserLogin ' At the client machine              This took a fair bit of time till our sysadmin got me an empty VM machine....
Post a Comment
Read more

Create a dacpac To Compare Schema Differences

It's been some time since i added anything to the blog and a lot has happened in the last few months. I have run into many number of challenging stuff at Xero and spread my self to learn new things. As a start i want to share a situation where I used a dacpac to compare the differences of a database schema's. - This involves of creating the two dacpacs for the different databases - Comparing the two dacpacs and generating a report to know the exact differences - Generate a script that would have all the changes How to generate a dacbpac The easiest way to create a dacpac for a database is through management studio ( right click on the databae --> task --> Extract data-tier-application). This will work under most cases but will error out when the database has difffrent settings. ie. if CDC is enabled To work around this blocker, you need to use command line to send the extra parameters. Bellow is the command used to generate the dacpac. "%ProgramFiles...
10 comments
Read more

High Watermarks For Incremental Models in dbt

The last few months it’s all been dbt. Dbt is a transform and load tool which is provided by fishtown analytics. For those that have created incremental models in dbt would have found the simplicity and easiness of how it drives the workload. Depending on the target datastore, the incremental model workload implementation changes. But all that said, the question is, should the incremental model use high-watermark as part of the implementation. How incremental models work behind the scenes is the best place to start this investigation. And when it’s not obvious, the next best place is to investigate the log after an test incremental model execution and find the implementation. Following are the internal steps followed for a datastore that does not support the merge statements. This was observed in the dbt log. - As the first step, It will copy all the data to a temp table generated from the incremental execution. - It will then delete all the data from the base table th...
4 comments
Read more