SQL Server and Failover Cluster service account minimum roles best practice?

EnterpriseArchitect 4,446 Reputation points
2023-07-26T14:11:48.9766667+00:00

Can you please explain and help me why the Service account for SQL Server and the Cluster Failover service account Primary group are set to Domain Admins rather than Domain Users?

Domain-Admins

Is this really required for SQL Server and SQL Servers running on MSCS Failover Cluster?

Please provide some documentation to explain whether this is the required privilege for the service account.

If there is recommended practice to follow for a minimum privilege role for the SQL Server and Failover cluster (MSCS) service account, that'd be greatly appreciated.

SQL Server
SQL Server
A family of Microsoft relational database management and analysis systems for e-commerce, line-of-business, and data warehousing solutions.
12,257 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
11,710 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,543 questions
Windows Server Clustering
Windows Server Clustering
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Clustering: The grouping of multiple servers in a way that allows them to appear to be a single unit to client computers on a network. Clustering is a means of increasing network capacity, providing live backup in case one of the servers fails, and improving data security.
939 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,681 questions
{count} votes