Re: deleting the service account

From: Emmanuel Nanchen (Emmanuel.Nanchen@TAKEMEOFF.manpower.ch)
Date: 04/17/03 

From: "Emmanuel Nanchen" <Emmanuel.Nanchen@TAKEMEOFF.manpower.ch>
Date: Thu, 17 Apr 2003 17:02:54 +0200

Hello Jasper,

    thank you for your reply. I am just visiting some disater scenarii,
and I wanted to make sure that data corruption could not happen in
the following scenario: if some authentication takes place (succeeds),
then account is deleted and the code of SQL continues its work, but
fails because of further (implicit) authentication while SQL code still
assumes authentication is OK.

    I know it's quite convoluted, but I wanted to know anyhow. As far
as I understand, the service will still run while accessing local ressources
(i.e. disks) because the credentials are cached in the security token of the
process and in the LSA; and they are not refreshed while the process is
running. But accessing ressources on the network (i.e. mail) should (may)
fail. Anyway, no data corruption is possible.

    Just to know, did you already heard about such a case?

    Have a nice Easter,

    Sincerely,

    Emmanuel

"Jasper Smith" <jasper_smith9@hotmail.com> wrote in message
news:uUIHu$OBDHA.1016@TK2MSFTNGP12.phx.gbl...
> Win2000/SQL2000
>
> 1) Yes it will still run until restarted
> 2) It won't cause a problem until the service/server is restarted
> 3) The service won't start that's all - no issues with data integrity
> 4) Yes, the service runs as normal intil restarted then it doesn't
> start - there is no risk. I'm not sure what you are getting at ?
>
> Best practice is to not delete you service accounts :-)
> Strict control of access to AD to limit the number of people who
> can manage accounts (certainly add/delete anyway).
>
> --
> HTH
>
> Jasper Smith (SQL Server MVP)
>
> I support PASS - the definitive, global
> community for SQL Server professionals -
> http://www.sqlpass.org
>
> "Emmanuel Nanchen" <Emmanuel.Nanchen@TAKEMEOFF.manpower.ch> wrote in
message
> news:OO1ruEMBDHA.2044@TK2MSFTNGP10.phx.gbl...
> > Hello,
> >
> > this is a translation of a post on a national newsgroup.
> > For those reading the original newsgroup, please forgive me.
> >
> > My following (theoretical) question is the following:
> > suppose that my SQL Server Service runs under the domain account
> > MYDOMAIN\MyUser. For any reason (ranging from dumbness to pure
> > hacking), suppose that this account is deleted from the domain
> > while the service is running.
> >
> > What will then happen? More precisely:
> > 1. Can the service continue to run, even without warranty about
> > data integrity, and if yes, how long (until the restart of the
> > service for other reasons)?
> > 2. how long does is take until the service crashes (or which
> > internal events need authentification of the service account)?
> > 3. are the exceptions raised by this cause gracefully handled,
> > i.e. are there warranties from Microsoft concerning data
> > integrity or coherence?
> > 4. when the situation will eventually be corrected (by having the
> > service running under another account -- yes, I know it is not
> > straightforward) are the data in a coherent state after startup?
> > i.e. are there any warranties from Microsoft?
> >
> > What are the best practices recommended by Microsoft to
> > minimize this kind of risk (at the level of SQL Server, of course,
> > not of the Windows DCs), knowing that the service must access network
> > ressources?
> >
> > Thank you in advance for your enlightning comments, and have
> > a nice Easter
> >
> > Sincerly
> >
> > Emmanuel
> >
> >
> >
>
>

Relevant Pages