Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
frank.svs
Constraint Violating Yak Guru
368 Posts |
 Posted - 2011-08-07 : 22:33:16
|
| Hi Team,I have a question.What is the difference between SQL 2005 cluster groups and SQL server 2008 Service SIDs?In sql 2008 i can still see the groups getting created in registry, AD and computer management local users and groups.Any one explain what is the main difference between them?Thanks in Advance. |
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
|
|
jeffw8713
Aged Yak Warrior
819 Posts |
Posted - 2011-08-08 : 16:21:08
|
| Well, let me try to clear this up...hopefully it doesn't come up too muddy...On 2003 Clusters, installing either 2005 or 2008 and using a domain service account you have to create at least one AD Group that the service account is a member of. The recommendation is that you create at least 3 separate groups - one for the database engine, one for the agent and one for full text. These AD groups are required when installing into the cluster because those are the groups that will be used for SQL access and ACL's.The local accounts that are created on each server in the cluster are not used.On Windows Server 2008 - installing SQL Server 2008 you have the option of installing with the above group type permissions or Service SIDs. The recommended practice is to use the Service SIDs instead.When you do that, the local groups that are created are now used in the cluster - with the Service SID being added to those local groups and specifically added to SQL Server. Since the Service SID has the same SID on all nodes in the cluster - there are no problems when failing over to the other node.So, the local groups are still needed and created - but the AD groups are no longer needed, as long as you install using the Service SID option.Jeff |
 |
|
|
frank.svs
Constraint Violating Yak Guru
368 Posts |
Posted - 2011-08-10 : 17:55:32
|
| Makes a lot of sense. Thanks for the explaination. |
|
|
|
|
|
|
grops and SIDs