Always On and service accounts - do I need to explicitly create a login for that service account

  • I'm aware that SQL Server Service uses virtual accounts, so it doesn't matter if the SQLSERVER service runs under an account that does not have an explicit login in the instance.
    This makes me think that in an AlwaysOn scenario, if using the same domain account for the Services on both servers, I will have to explicitly create a login for that account in each instance.
    However, the article from Microsoft suggests that this is not the case:

    "If the server instances run as the same domain user account, the correct user logins exist automatically in both master databases. This simplifies the security configuration for Database Mirroring and Always On Availability Groups."

    This implies that whatever account the service runs under is automatically granted login to the local instance, which I know is incorrect.
    Is the article wrong, does it assume I will have created a login for the domain service account, or is my understanding incorrect?

  • winston Smith - Thursday, March 30, 2017 3:06 AM

    I'm aware that SQL Server Service uses virtual accounts, so it doesn't matter if the SQLSERVER service runs under an account that does not have an explicit login in the instance.
    This makes me think that in an AlwaysOn scenario, if using the same domain account for the Services on both servers, I will have to explicitly create a login for that account in each instance.
    However, the article from Microsoft suggests that this is not the case:

    "If the server instances run as the same domain user account, the correct user logins exist automatically in both master databases. This simplifies the security configuration for Database Mirroring and Always On Availability Groups."

    This implies that whatever account the service runs under is automatically granted login to the local instance, which I know is incorrect.
    Is the article wrong, does it assume I will have created a login for the domain service account, or is my understanding incorrect?

    The logins are usually taken care of when creating the endpoints via the wizard.
    Manual creation requires some config.

    -----------------------------------------------------------------------------------------------------------

    "Ya can't make an omelette without breaking just a few eggs" 😉

  • That makes sense. In relation to the article, is it incorrect to say the logins "exist automatically" if both instances are running under a domain account? i.e. they won't already exist in the instance, they are created via the wizard.

    I know I sound pedantic, but I'm doing some documentation and want to be sure it's accurate.
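
The checks and the manual configuration discussed in this thread, as an added T-SQL example that is not from any of the posters or from the Microsoft article: it reports which account the engine runs as, whether a login exists for it, and who holds CONNECT on the mirroring endpoint, then creates the login and grant if they are missing. `CONTOSO\sqlsvc` is a placeholder account and `Hadr_endpoint` is an assumed endpoint name; substitute your own and run it on each replica.

```sql
-- Placeholder (assumption): CONTOSO\sqlsvc is the shared domain service account.
-- Assumption: the database mirroring endpoint is named Hadr_endpoint.
DECLARE @svc sysname = N'CONTOSO\sqlsvc';

-- 1. Which account is each SQL Server service on this replica running as?
SELECT servicename, service_account
FROM sys.dm_server_services;

-- 2. Does an explicit login exist for the service account?
--    No row returned means there is no login with that name.
SELECT name, type_desc, is_disabled, create_date
FROM sys.server_principals
WHERE name = @svc;

-- 3. Who owns the mirroring endpoint, and which principals hold
--    permissions on it? This is what the other replica's service
--    account needs in order to connect.
SELECT e.name            AS endpoint_name,
       e.state_desc      AS endpoint_state,
       own.name          AS endpoint_owner,
       grantee.name      AS grantee,
       p.permission_name,
       p.state_desc      AS permission_state
FROM sys.database_mirroring_endpoints AS e
JOIN sys.server_principals AS own
       ON own.principal_id = e.principal_id
LEFT JOIN sys.server_permissions AS p
       ON p.class_desc = 'ENDPOINT'
      AND p.major_id = e.endpoint_id
LEFT JOIN sys.server_principals AS grantee
       ON grantee.principal_id = p.grantee_principal_id;

-- 4. Manual configuration: create the login only if it is missing and
--    grant it CONNECT on the endpoint and nothing more (no server role).
IF NOT EXISTS (SELECT 1 FROM sys.server_principals
               WHERE name = N'CONTOSO\sqlsvc')
    CREATE LOGIN [CONTOSO\sqlsvc] FROM WINDOWS;

GRANT CONNECT ON ENDPOINT::[Hadr_endpoint] TO [CONTOSO\sqlsvc];
```

Running steps 1 to 3 before and after the wizard on a test pair shows exactly which logins and grants it created, which is the evidence needed for documentation.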
