January 4, 2007 at 9:17 am
Looking for a recommandation. Would it be better to have the same service account running SQL Server and SQL Agent for all my production boxes or should I have individual accounts? What happens if the account get's locked out or deleted? Are you still able to access SQL on the server until ity gets rebooted or the service is stopped?
January 4, 2007 at 11:12 am
I've tended to use different accounts for each server. Since you rarely set them up, it works well. Store the passwords in Password Safe or something similar and then yo can change them one at a time.
Follow me on Twitter: http://www.twitter.com/way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
My Blog: www.voiceofthedba.com
January 5, 2007 at 2:17 pm
We use one account for production, one for QA, one for dev and one for test. since the servers are the only ones that use the account, they shouldn't get locked out, but there is a risk of that happening. Be sure that the password is set to not expire as well. It's just a matter of preference, In my case, it's policy.
January 8, 2007 at 9:54 am
Best is to use seperate account for each server and place them in a group. I've never yet used different accounts for agent and sql, but I can see reasons I might want to do this in 2005 with the increased services - depends upon what you want each to do.
Personally I think it's a bad idea to use a common account, especially across environments, makes it very tricky to change passwords for example. However I believe a common approach is to make the service account for all servers a domain admin < big grin > ( hands up how many times you've seen this )
[font="Comic Sans MS"]The GrumpyOldDBA[/font]
www.grumpyolddba.co.uk
http://sqlblogcasts.com/blogs/grumpyolddba/
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply