March 30, 2020 at 10:51 pm
I have 10 different SQL servers that run on account 'domain\JDOE'
I need to change the password for this account...so I ask our networking group to change it in active directory.
I know where to go under SQL Server services and change the password for my first server....but once networking changes the password, will all other SQL Servers stop ?
What is the best procedure for something like this ?...Do I create a new account named 'domain\JDOE2' and give it the same rights as domain\JDOE, and then slowly roll out the new account to each single SQL Server ?....what are some solutions ?
Please direct me to a solution you have implemented or to a tech paper.....thank you so much.
P.S. I want to keep this thread simple...but what else do I need to think about...SQL Server Agent, SSIS jobs, databases that run/owned by domain\JDOE ?
March 30, 2020 at 10:55 pm
your best option is to setup a GMSA/MSA and use that instead of a standard AD user - once you change them you won't ever have to worry about its password.
and also means you can change them one at the time without affecting the other servers.
see https://www.sqlservercentral.com/blogs/using-a-gmsa-with-sql-server
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply