SOLVED

Group Managed Service Accounts for SQL Services -> Best Practices Microsoft

Copper Contributor

Hello everyone


I would like to address the SQL community with the following question:


We use Group Managed Service Accounts for all SQL services on our new SQL server.


I have now been told by a software supplier that Microsoft recommends either leaving the predefined SQL service accounts for the services or using a service account (AD user) with user name and password and not Group Managed Service Accounts.


Is this correct? Should I not use Group Managed Service Accounts for the SQL services? What is official best practice from Microsoft?


My thought for using Group Managed Service Accounts is from a security perspective.


Thanks for your support


Greetings

Oliver

 

4 Replies
best response confirmed by Oliver_Hoechli (Copper Contributor)

Hello Olaf
Thank you very much for your quick reply. What I am still interested in is whether Microsoft has a recommended preference regarding the account for the SQL services? My software vendor explicitly states that the Microsoft recommendation is either a username and password account or the predefined SQL service account that is displayed during installation and that the Group Managed Service Accounts is not best practice?

Greetings

Oliver

Then your vendor should send you a link for that MS recommendation.
gMSA support was first introduced in SQL Server 2014; I can't imagine MS added that feature just for fun.
Ok, thank you very much for the information and your help. I will ask where the vendor got the information from.
1 best response

Accepted Solutions
best response confirmed by Oliver_Hoechli (Copper Contributor)