Chapter 1 Securing Your Server and Network (4): Use the virtual service account, chaptersecuring

Source: Internet
Author: User
Tags domain hosting

Chapter 1 Securing Your Server and Network (4): Use the virtual service account, chaptersecuring
Source: Workshop

Without the consent of the author, no one shall be published in the form of "original" or used for commercial purposes. I am not responsible for any legal liability.

Previous Article: http://blog.csdn.net/dba_huangzj/article/details/38017703

 

Preface:

 

Like a hosted account, a Virtual service account is a new feature introduced by Windows Server 2008 R2. It is a local account that does not require password management, in addition, the network can be accessed by using the computer Id like the NetworkService account. Compared with NetworkService, because it is a built-in account that is shared across services, it is better to manage than a virtual service account (see the http://blog.csdn.net/dba_huangzj/article/details/37924127 for details.

A virtual account can configure security for each service, but cannot be created or deleted manually. It is an account created when the service is installed on Windows Server 2008 R2 and has the same name as the service. For example, in nt service \ MSSQL $ SQL2012, SQL2012 is the Instance name. A virtual account can configure the ACL locally as a normal account and act as a member of the local group.

Implementation:

To run SQL Server under a virtual account, follow these steps:

 

1. Open the SQL Server Configuration Manager and open the "properties page" of the SQL Server service ]:

 

 

2. In the logon tab, enter NT Service \ MSSQL $ <name of the instance> or NT Service \ MSSQLSERVER (default instance), and leave the password blank:

 


3. Click application and restart the service.


Principle:

 

Virtual accounts can be considered as local hosted accounts. They do not need to be managed (so they are called managed), cannot be created, and do not need to provide a password. However, you must note that a virtual account cannot be used in an SQL Server cluster because it does not have the same SID on each node. If you want to use it in a cluster, you can use a domain hosting account.

In addition, virtual accounts can be used as computer accounts in the network to access network resources. Therefore, if you want to allow the network to access your services, you should first use such managed accounts.




Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.