A while back I had to help a customer update their naming standard for their Managed Service Accounts, so I thought I would share some of those details. The DBAs and other administrators had a difficult time determining which service account belonged to which server and to which service. They had a corporate requirement to have separate accounts for each service; for example, one for the engine and one for the agent. Their current naming convention was just to have an incrementing number at the end. SVCSQL1$ = DB engine service SVCSQL2$ = Agent service SVCSQL3$ = Full Text service...
Continue reading...January 2022
Get Certificate Details for SQL Encryption In-Transit Using PowerShell
There is an updated version of this script here. In my opinion, all customers should be encrypting connections to their SQL Servers to secure data in-transit, but that’s a discussion for another day. Today, I wanted to discuss how you can use PowerShell to lookup details on the certificate being used for that encryption. For this example, we have three SQL Server instances each configured slightly different for encrypted communication. Using the SQL Server Configuration Manager, we can see the first instance is configured to use a certificate named “deathstar.govlab.corp (SHA256)”. The FORCE ENCRYPTION option is set to YES to...
Continue reading...