Where do I create SQL Server Service Accounts?
Hi
When setting up an account for each SQL Server Service are these created in the - SBS Users - or - Users - part of Active Directory?
Does it matter?
Regards
William
AD.bmp
When setting up an account for each SQL Server Service are these created in the - SBS Users - or - Users - part of Active Directory?
Does it matter?
Regards
William
AD.bmp
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi
I have found some more information.
SBS USers: Default organisational unit for user accounts created with the Add New User Account wizard
Users: Default container for upgraded user accounts
As I created these accounts without using the Add New User wizard it looks like I should have created them in Users. Now when I try and move them I get a warning that If I move them things might not work because of the way group policies are applied.
Since being advised on this site to create separate accounts for each SQL service I just seem to be digging a bigger and bigger hole that I cant get out of.
At what level in my diagram should I create the new OU "Service Accounts" and can I ignore the error message and move the accounts there?
Regards
I have found some more information.
SBS USers: Default organisational unit for user accounts created with the Add New User Account wizard
Users: Default container for upgraded user accounts
As I created these accounts without using the Add New User wizard it looks like I should have created them in Users. Now when I try and move them I get a warning that If I move them things might not work because of the way group policies are applied.
Since being advised on this site to create separate accounts for each SQL service I just seem to be digging a bigger and bigger hole that I cant get out of.
At what level in my diagram should I create the new OU "Service Accounts" and can I ignore the error message and move the accounts there?
Regards
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for your help guy's
That way if you are ever making modifications it is really easy to exclude those accounts in that OU.
You could also add something to the description maybe like "serviceAccount"
Thanks
Mike