sqlfriends (10/9/2013)
http://technet.microsoft.com/en-us/library/ms143504.aspxI am a little confused a bout MSA account, it says :
When resources external to the SQL Server computer are needed, Microsoft recommends using a Managed Service Account (MSA), configured with the minimum privileges necessary.
it also says:
You cannot use a MSA to log into a computer, but a computer can use a MSA to start a Windows service.
So if it cannot login to a computer, how the SSIS to connect to another server using SQL agent service using a msa account?
Thanks,
A properly managed service account will have permission to log in as a service but not permission to log in interactively on the console. In other words, it can be authenticated to execute on a server as a service, but a person cannot use those same credentials to RDP into one of your systems.
As to a service account's ability to connect to other servers, that is dependent upon the necessary permissions being granted -- e.g., did you create a SQL Server login with select permissions for DatabaseB.SchemaC.TableD running on ServerZ for the service account that the SQL Servere Agent process on ServerA is running under, or does it have the file permissions necessary to read the tab-delimited file on \\ServerN\ShareY? (At one job, the domain-level service account used to run SQL Server Agent got denied permission to even read the directory where backups were saved.)
Does that make sense?