Sunday, February 26, 2012

Domain vs Local


What are gotchas for starting Sql & the agent with a Local system account
versus a system Domain account.Hi

IMO the main reason to use a domain account is permissions (lack of, or too
high) and the ability to assign them to the account.

John
"AHartman" <Hoosbruin@.Kconline.com> wrote in message
news:d6adndqf25WCUj3cRVn-oQ@.kconline.com...
>
> What are gotchas for starting Sql & the agent with a Local system account
> versus a system Domain account.|||AHartman (Hoosbruin@.Kconline.com) writes:
> What are gotchas for starting Sql & the agent with a Local system account
> versus a system Domain account.

One gotcha that people run from time to time, is that they want to access
network shares from SQL Server, for instance for BULK INSERT. This does not
work with Local System. Another gotcha is that SQL debugging from another
machine usually does not work if you are running under local system.

--
Erland Sommarskog, SQL Server MVP, esquel@.sommarskog.se

Books Online for SQL Server SP3 at
http://www.microsoft.com/sql/techin.../2000/books.asp|||In article <Xns95A8D9056DF1CYazorman@.127.0.0.1>, esquel@.sommarskog.se
says...
> AHartman (Hoosbruin@.Kconline.com) writes:
> > What are gotchas for starting Sql & the agent with a Local system account
> > versus a system Domain account.
> One gotcha that people run from time to time, is that they want to access
> network shares from SQL Server, for instance for BULK INSERT. This does not
> work with Local System. Another gotcha is that SQL debugging from another
> machine usually does not work if you are running under local system.

Actually, of you understand NET USE, then you don't have to have the SQL
Server in the domain. If you provide the credentials it works just fine.

In most cases, where there is some form of web interface, even for a
intranet, I always setup the servers without providing Domain User
account access to it. The one exception being an application that uses
Windows Authentication Accounts, instead of a programatic method, to
access data.

--
--
spamfree999@.rrohio.com
(Remove 999 to reply to me)

Posted by pou at 12:03 AM
Labels: , , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)