Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
Hommer
Aged Yak Warrior
808 Posts |
 Posted - 2014-02-20 : 14:01:00
|
| Hi,I have a default instance and a named instance sql2012 on the same box. Both will be production dbs.The sql server service is running under sql account, and I need to change it over to domain windows service account. My question is what are the pros and cons of sharing a same service account?Thanks! |
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2014-02-20 : 14:53:51
|
| I think on the same box is fine, provided it doesn't have elevated permissions. If it does have elevated permissions, then you'd need to consider what that means for the instances if you are using xp_cmdshell and who has sysadmin access on the instances. For different boxes, I recommend different domain accounts that way if your account gets compromised you don't have to make tons of changes. This happened to us a couple of years ago. We had to change hundreds of servers when our account got hacked by a sophisticated hacker. Just the account got hacked, not the servers. If it happens in the future, we would only need to change one server per account that was compromised.Tara KizerSQL Server MVP since 2007http://weblogs.sqlteam.com/tarad/ |
 |
|
|
|
|
|
good or bad idea, share a service account