FAQ: How do I run SQL Server service under a managed service account (MSA)?

Question

I want to run SQL Server service under a managed service account (MSA). How can I do it?

Answer

The managed service account (MSA) is designed to provide applications such as SQL Server or Exchange with:

  • Automatic password management, which can better isolate these services from other services on the computer.
  • Simplified service principal name (SPN) management, which allows service administrators to set SPNs on these accounts. In addition, SPN management can be delegated to other administrators.

However, MSAs are not supported in current SQL Server versions (2005/2008/2008 R2). Although we can configure the SQL Server services to run under an MSA, this scenario is not supported because it is not fully tested.

Additionally, it is recommended that you always use SQL Server Configuration Manager (SSCM) when you change the service account properties for SQL Server. SSCM automatically sets additional permissions in the Windows registry for the service account. For a password change, using SSCM does not require you to restart your SQL Server services.
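To find hosts that are already in the unsupported configuration described above, the following added example (not part of the original FAQ) lists SQL Server Database Engine services from the affected versions whose logon account looks like an MSA. It assumes Windows PowerShell, that MSA logon names end in `$` (for example `DOMAIN\sqlsvc$`), and the default instance directory names `MSSQL.n` (2005), `MSSQL10.<instance>` (2008) and `MSSQL10_50.<instance>` (2008 R2); the two helper function names are hypothetical.

```powershell
# Added example: audit SQL Server engine services running under an MSA.
# Helper names are hypothetical; nothing here changes the service configuration.

function Get-SqlServiceAccountKind {
    param([string]$StartName)
    switch -Regex ($StartName) {
        # LocalSystem, NT AUTHORITY\NetworkService, NT AUTHORITY\LocalService
        '^(LocalSystem|NT AUTHORITY\\.+)$' { return 'BuiltIn' }
        # Virtual accounts such as NT SERVICE\MSSQLSERVER or NT SERVICE\MSSQL$INST
        '^NT SERVICE\\'                    { return 'Virtual' }
        # Assumption: an MSA is referenced with a trailing '$' (DOMAIN\name$)
        '\$$'                              { return 'ManagedServiceAccount' }
        default                            { return 'User' }
    }
}

function Get-SqlVersionFromPath {
    param([string]$PathName)
    # Assumption: default install layout; the instance directory encodes the version.
    if     ($PathName -match '\\MSSQL10_50\.') { '2008 R2' }
    elseif ($PathName -match '\\MSSQL10\.')    { '2008' }
    elseif ($PathName -match '\\MSSQL\.\d+\\') { '2005' }
    else                                       { 'other' }
}

# Default instance is MSSQLSERVER; named instances are MSSQL$<instance>.
Get-WmiObject -Class Win32_Service -Filter 'Name = "MSSQLSERVER" OR Name LIKE "MSSQL$%"' |
    Select-Object Name, StartName,
        @{ Name = 'AccountKind'; Expression = { Get-SqlServiceAccountKind $_.StartName } },
        @{ Name = 'SqlVersion';  Expression = { Get-SqlVersionFromPath $_.PathName } } |
    Where-Object { $_.AccountKind -eq 'ManagedServiceAccount' -and $_.SqlVersion -ne 'other' } |
    Format-Table -AutoSize
```

An empty result means no Database Engine service on the host matches; any row returned is a candidate for moving to a supported account through SQL Server Configuration Manager.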