MS SQL service account


Job details

Name: MS SQL service account
Platform: Sqlserver
Category: Security
Premium package: Security and compliance package
Description: Checks if the service account used by the MSSQLSERVER service is not a member of the Windows Administrator group.
Long description: Checks if the service account used by the MSSQLSERVER service is not a member of the Windows Administrator group.
Version: 1.21
Default schedule: 17 1 1 *
Requires engine install: Yes
Compatibility tag: .[type=‘instance’ & databasetype=‘sqlserver’]/instance[maj_version > ‘2005′ & hasengine=‘YES’ & eng_inst_priv = 0 & (engine_edition = ‘Microsoft SQL Server’ engine_edition = ‘Azure SQL Managed Instance’)]

Parameters

Name Default value Description
return status 1 Return status value (ALARM – 2, WARNING – 1, or OK – 0) when the MSSQLSERVER service is a member of the Windows Administrator.
history threshold 365 The maximum number of days to keep statistics for in the historic tables.

Job Summary

xp_cmdshell 'powershell.exe Get-LocalGroupMember -Group "Administrators"'
and
select servicename, service_account from sys.dm_server_services where upper(servicename) like upper('%SQL Server (%')

Tables and Objects

Table Name Description
dbw_mssql_service_account_info Stores current status of the service account
dbw_mssql_service_account_histr Maintains history of checks performed over time
dbw_mssql_service_account_output Temporary helper table for command outputs
dbw_mssql_service_account_admin Stores output related to the administrators’ group check from the command line
dbw_mssql_service_account_users Helper table storing the type and name of users processed during the check

Report Presentations

Automatic Monitoring Execution and Handling