Post reply

domain\server$

  • September 23, 2013 at 12:34 pm

    #298137

    Hi, SQL Server log shows several login failures from the login "domain\server$". What does that mean? I read somewhere that it means that the remote machine is using "network service" to run the service which is connecting to SQL Server. I don't understand what that means and if I need to change something or if the app team needs to make a change.

    Does the $ on the end indicate a system created object in AD?

    Thanks for reading.

  • September 23, 2013 at 9:37 pm

    #1652550

    First - AD accounts that end in $ are accounts that are created when a server or workstation is added to the domain. The name of the account is the same as the server name suffixed with $.

    So, yes, network service is the likely reason. As for whether anything needs to be changed - well, that is entirely up to you and your organisation. It may be correct for the service to be using this account. Personally, I prefer to create specific accounts that can be given the minimum set of privileges for a particular function/application - this limits the potential for problems if there are any security breaches. This is the reason that you have proxies available within SQL Server Agent.

  • September 24, 2013 at 2:19 pm

    #1652886

    Thanks happycat. I'm going to advise the application team to use a service account instead.

  • September 25, 2013 at 7:13 am

    #1653138

    happycat59 (9/23/2013)

    So, yes, network service is the likely reason.

    Just to note here--the built-in LocalSystem account also authenticates as the computer on the network, so would also be connecting with DOMAIN\SERVER$ credentials; people often forget that one because they think from the name that account only has local access, which is not the case. The LocalService account (which I think was added in Windows 2008) presents anonymous credentials on the network, so behaves more like people think LocalSystem does.

Viewing 4 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic. Login to reply

Cookies on SQLServerCentral

This website stores cookies on your computer.

These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media.

To find out more about the cookies we use, see our Privacy Policy