![]() ![]() It is as simple as it sounds – once configured the Active Directory takes care for the password change every 30 days (default) without the need of administrator’s intervention or SQL Server service restart. AlwaysOn Availability Groups are also an option, although it requires additional configurations. They can be used for standalone and clustered installations of SQL Server. With Windows Server 2012 the Group Managed Service Accounts were introduced, it provides the same functionality within the domain, but also provides the possibility to use it over multiple servers. The problem with the standard Managed Service Accounts is that they can only be used in a one to one ratio as a single account can be used on only one host / computer. It also meant that we could finally forget another scenario – having the same domain service account we use for all of our SQL Servers with very high privileges not only within the AD but among numerous Windows Servers which password we have not changed since it was created. They promised to provide automatic password management and simplified SPN management, meaning that the time-consuming task of maintaining passwords would be a thing of the past (not to mention the required downtime for this). ![]() ![]() Standalone Managed Service Accounts, introduced a long ago with Windows Server 2008 R2, were a ray of hope for the database administrators. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |