Solved

Where do I create SQL Server Service Accounts?

Posted on 2009-05-17
5
432 Views
Last Modified: 2012-05-07
Hi

When setting up an account for each SQL Server Service are these created in the - SBS Users  - or - Users - part of Active Directory?

Does it matter?

Regards
William

AD.bmp
0
Comment
Question by:Whisky-Will
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 3

Assisted Solution

by:ddanonimity
ddanonimity earned 50 total points
ID: 24406464
I would say it doesn't matter  as long as you make sure they have the correct permissions for the account to run the required service
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24406527
I've see a lot of organizations create an OU called "service accounts"
That way if you are ever making modifications it is really easy to exclude those accounts in that OU.
You could also add something to the description maybe like "serviceAccount"
Thanks
Mike
0
 

Author Comment

by:Whisky-Will
ID: 24406600
Hi
I have found some more information.
SBS USers: Default organisational unit for user accounts created with the Add New User Account wizard
Users: Default container for upgraded user accounts
As I created these accounts without using the Add New User wizard it looks like I should have created them in Users. Now when I try and move them I get a warning that If I move them things might not work because of the way group policies are applied.
Since being advised on this site to create separate accounts for each SQL service I just seem to be digging a bigger and bigger hole that I cant get out of.
At what level in my diagram should I create the new OU "Service Accounts" and can I ignore the error message and move the accounts there?
Regards
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 450 total points
ID: 24406612
We have our service accounts at the root so right click on the domain and select new OU
yes you can ignore the group policy warning, you shouldn't have issues there.
Thanks
Mike
0
 

Author Closing Comment

by:Whisky-Will
ID: 31582378
Thanks for your help guy's
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Incremental backup to a shared folder 3 55
Server 2008, large number of updates 18 33
one domain, two sites 3 38
Set a variable value in SQL Procedure 3 26
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question