SQLTeam.com | Weblogs | Forums

Can gMSA be used in SQL Connection String

Wonder if anyone has used Microsoft group Managed Service Accounts within SQL connection strings, if even possible. Trying to figure out best solution to avoid passwords in script/connection string.

From reading these:

I would say no. If you don't want to embed passwords, use Integrated Security with a local Windows account, or a Domain account, that has the necessary permissions granted in SQL Server.

Thanks Robert, currently using gMSA for services etc, just trying to wrap my head around trying to use within a SQL connection. More so trying to get developers to use gMSA within their scripts
example: Server=myServerAddress;Database=myDataBase;User Id=GSMA account$ here;Password=NOPASSWORD;

Not sure if it will work, in the process of testing to see if that would work. They eventually will have to find other solutions. Thanks again.

A group managed service account is the same as any other windows account (domain or local) - as far as connection strings are concerned. You don't specify the username or password for a domain account - so you don't specify one for a gMSA either.

The connection string will use integrated security - and will be formatted according to the driver you are using for that connection. For example:

"Persist Security Info=False;Integrated Security=true;  
    Initial Catalog=AdventureWorks;Server=MSSQL1"  
"Persist Security Info=False;Integrated Security=SSPI;  
    database=AdventureWorks;server=(local)"  
"Persist Security Info=False;Trusted_Connection=True;  
    database=AdventureWorks;server=(local)"```

Thank you very much jeffw8713. That is what i was aiming for. I'm going to modify a scheduled script and run some tests with the options you pointed out.