Forum Discussion
Group Managed Service Accounts for SQL Services -> Best Practices Microsoft
Hello everyone
I would like to address the SQL community with the following question:
We use Group Managed Service Accounts for all SQL services on our new SQL server.
I have now been told by a software supplier that Microsoft recommends either leaving the predefined SQL service accounts for the services or using a service account (AD user) with user name and password and not Group Managed Service Accounts.
Is this correct? Should I not use Group Managed Service Accounts for the SQL services? What is official best practice from Microsoft?
My thought for using Group Managed Service Accounts is from a security perspective.
Thanks for your support
Greetings
Oliver
Oliver_Hoechli , sure you can use gMSA for SQL Server, see
Configure Windows service accounts and permissions - SQL Server | Microsoft Learn
=> Group-managed service accounts
Oliver_Hoechli , sure you can use gMSA for SQL Server, see
Configure Windows service accounts and permissions - SQL Server | Microsoft Learn
=> Group-managed service accounts
Hello Olaf
Thank you very much for your quick reply. What I am still interested in is whether Microsoft has a recommended preference regarding the account for the SQL services? My software vendor explicitly states that the Microsoft recommendation is either a username and password account or the predefined SQL service account that is displayed during installation and that the Group Managed Service Accounts is not best practice?
Greetings
Oliver- Then your vendor should send you a link for that MS recommendation.
gMSA support was first introduced in SQL Server 2014; I can't imagine MS added that feature just for fun.
