Solved

sql2008 running sql service with Log ON As

Posted on 2013-01-24
1
191 Views
Last Modified: 2013-02-04
Hi,
Could someone explain me on NT Authority\NETWORK SERCVICE, NT Authority\Local System or LocalSystem or some other account and why?
I seems can't figure out what differenet between them and what security implication if I choose wrong service account type
0
Comment
Question by:motioneye
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 9

Accepted Solution

by:
Vijaya Reddy Pinnapa Reddy earned 500 total points
ID: 38818268
Network Service: has more access to resources and objects than members of the Users group. Services that run as the Network Service account access network resources by using the credentials of the computer account. The actual name of the account is “NT AUTHORITY\NETWORK SERVICE“. This account is far more limited than the Limited than Local System account.


Local System: Completely trusted account, more than the Administrator account. There is nothing on a single box that this account cannot do and it has the right to access the network as the machine. However local system account might restrict the SQL Server interaction with the other server. The actual name of the account is “NT AUTHORITY\SYSTEM“


Local Service: A limited service account that is very similar to Network Service and meant to run standard least-privileged services. However unlike Network Service it has no ability to access the network as the machine.
This limited access helps safeguard the system if individual services or processes are compromised.


Services that run as the Local Service account access network resources as a null session without credentials.
The actual name of the account is “NT AUTHORITY\LOCAL SERVICE“. Local Service account is not supported for the SQL Server or SQL Server Agent services.
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have written a PowerShell script to "walk" the security structure of each SQL instance to find:         Each Login (Windows or SQL)             * Its Server Roles             * Every database to which the login is mapped             * The associated "Database User" for this …
     When we have to pass multiple rows of data to SQL Server, the developers either have to send one row at a time or come up with other workarounds to meet requirements like using XML to pass data, which is complex and tedious to use. There is a …
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

687 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question