Post reply

Why it is not recommended to use Agent account in Replication?

  • August 27, 2019 at 10:51 am

    #3674649

    In the documentation and also wizard I see that it is recommended to use separate accounts for replication different agents and it is not reccommended to use SQL Server Agent account, but I can't understand what's the bad thing in using same agent account for replication? Can you, please, point out side effects?

    Thanks

  • August 27, 2019 at 5:59 pm

    #3674803

    The per-service SID for the Agent account is a sysadmin. Other than the log reader agent needing sysadmin with certain sync_type options, replication agents don't need to be sysadmins. So it wouldn't be following the principle of least privileges if using the Agent account. Principle of least privilege is one of the security guidelines in the computer world.

    Sue

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply