Monday, March 26, 2012

Risks of a single MSSQL domain account for multiple servers?

Greetings:
I am trying to conceive what risks might be created by running
multiple SQL servers within a domain under a single domain account, as
opposed to 1) running under the local service account or 2) multiple
domain service accounts.
In this case, all the SQL servers are SQL2000 running on Win2003. The
service account is assigned only to the "Domain Users" group.
We do use linked server calls, and I have played and succeeded getting
Kerberos up to avoid double hop issues when using Windows Auth. In
fact, this is one of the reasons that sparked the question in my mind
-- in all the MS Kerberos SQL<->SQL examples, the SQL servers run under
a unique service account.

As an aside, most of the servers are "line of business" servers, but
HR runs under a unique server with more sensitive information. I don't
really think that merits a separate service account, but again, I
could well be missing something.

I'm mostly looking for food for thought, but concrete examples of
gotchas would be appreciated.
Thanks all.
d.

D (or should I call you d?),
One drawback of using a single service account is that a breach of security
on that account means a breach on all of your SQL Servers.
(Yes, it is easier to only have one account to manage. Also, once upon a
time (a long time ago) it made replication easier.)
Russell Fields
"D Barry" <google@.dcbarry.com> wrote in message
news:6d9b9a07.0405201046.548244c2@.posting.google.com...
> Greetings:
> I am trying to conceive what risks might be created by running
> multiple SQL servers within a domain under a single domain account, as
> opposed to 1) running under the local service account or 2) multiple
> domain service accounts.
> In this case, all the SQL servers are SQL2000 running on Win2003. The
> service account is assigned only to the "Domain Users" group.
> We do use linked server calls, and I have played and succeeded getting
> Kerberos up to avoid double hop issues when using Windows Auth. In
> fact, this is one of the reasons that sparked the question in my mind
> -- in all the MS Kerberos SQL<->SQL examples, the SQL servers run under
> a unique service account.
>
> As an aside, most of the servers are "line of business" servers, but
> HR runs under a unique server with more sensitive information. I don't
> really think that merits a separate service account, but again, I
> could well be missing something.
>
> I'm mostly looking for food for thought, but concrete examples of
> gotchas would be appreciated.
> Thanks all.
> d.

It can be problematic, especially if you have to restart all of the SQL Servers to change the password for the SQL Server account.

Russell:
It's "d.". "D." is just too pompous... ;-)
I should have stated the breach against one is a breach of all
argument. (We do use nice long complex passwords.) I'm looking for other
"Russell Fields" <RussellFields@.NoMailPlease.Com> wrote in message news:<ubmx4TqPEHA.2976@.TK2MSFTNGP10.phx.gbl>...
> D (or should I call you d?),
> One drawback of using a single service account is that a breach of security
> on that account means a breach on all of your SQL Servers.
> (Yes, it is easier to only have one account to manage. Also, once upon a
> time (a long time ago) it made replication easier.)
> Russell Fields
> "D Barry" <google@.dcbarry.com> wrote in message
> news:6d9b9a07.0405201046.548244c2@.posting.google.com...
<snip>
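As an added example (not from the thread, and not code any of the posters supplied), here is a PowerShell inventory check that puts numbers on the two points raised in the replies: the blast radius of one shared credential, and the set of services that must be restarted whenever that credential's password is rotated. It queries the SQL Server engine and Agent services on each host, groups them by the account they run as, and reports every domain account used by more than one server. The host names and the Sensitive flag are placeholders for your own server list. Get-CimInstance needs WinRM on the targets; on hosts as old as the Windows 2003 servers in the thread, Get-WmiObject -Class Win32_Service with the same -Filter is the equivalent call.

```powershell
# Added example: report SQL Server service accounts shared across hosts.
# Host names and the Sensitive flag below are placeholders, not from the thread.
$Servers = @(
    @{ Name = 'LOB-SQL01'; Sensitive = $false }
    @{ Name = 'LOB-SQL02'; Sensitive = $false }
    @{ Name = 'HR-SQL01';  Sensitive = $true  }   # the kind of host the post calls "HR"
)

# Collect each SQL Server engine and Agent service with the identity it runs under.
$services = foreach ($s in $Servers) {
    try {
        Get-CimInstance -ClassName Win32_Service -ComputerName $s.Name `
            -Filter "Name LIKE 'MSSQL%' OR Name LIKE 'SQLAgent%'" -ErrorAction Stop |
        ForEach-Object {
            [pscustomobject]@{
                Host      = $s.Name
                Service   = $_.Name
                Account   = $_.StartName   # e.g. DOMAIN\svc_sql or NT AUTHORITY\NETWORK SERVICE
                State     = $_.State
                Sensitive = $s.Sensitive
            }
        }
    } catch {
        Write-Warning "Could not query $($s.Name): $_"
    }
}

# Built-in accounts carry the same name on every machine but are distinct,
# per-host identities, so they are not a shared credential and are excluded.
$builtIn = '^(LocalSystem|NT AUTHORITY\\|NT SERVICE\\)'

# Group by account: the hosts in a group are the blast radius of that one password.
$services | Group-Object Account | ForEach-Object {
    $hosts = @($_.Group | Select-Object -ExpandProperty Host -Unique)
    [pscustomobject]@{
        Account         = $_.Name
        HostCount       = $hosts.Count
        Hosts           = ($hosts -join ', ')
        # True when a sensitive server shares its identity with ordinary LOB servers.
        MixesSensitive  = (@($_.Group.Sensitive | Select-Object -Unique).Count -gt 1)
        # Every one of these services restarts when this account's password changes.
        RestartOnRotate = (($_.Group | ForEach-Object { "$($_.Host)\$($_.Service)" }) -join ', ')
    }
} | Where-Object { $_.HostCount -gt 1 -and $_.Account -notmatch $builtIn } |
    Format-Table -AutoSize -Wrap
```

Run it from a workstation that can reach the servers over WinRM as an account allowed to read service configuration. An empty result means no domain account is shared between hosts; any row with MixesSensitive set to True is the situation the original post describes, where the HR server's services would fall with the same credential as the line-of-business ones.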
