Friday, August 02, 2013

Managed Service Accounts - The Saviour for the Domain-based SQL Server Service Account?

For those Database Administrators seeking to lock-down security related to a Service  Account(s), there is an option starting with Windows Server 2008 R2:
a Managed Service Account.
This type of account is tied to a machine, and cannot be locked out, and seems to be a saviour for vigilant DBAs wanting to achieve a higher level of SQL Server Instance isolation: 

Would you agree? Or have a proposal for an even better solution? 

This is a short post (originally posted June 21st), since as you can see below, it's summer and getting some wave skiing in is essential to maintaining sanity :)

No comments:

Post a Comment