You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/migrate/least-privilege-credentials.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -21,15 +21,15 @@ In preparation for discovery, the Azure Migrate appliance needs to be configured
21
21
- Accounts with sysadmin permissions on all the SQL Server instances listed in the CSV.
22
22
23
23
> [!Note]
24
-
> - The admin-level account is used only to provision the least privileged account. Once the least privileged account is created, it can be provided in the Appliance configuration for the actual discovery and assessment.
25
-
> - If multiple admin-level accounts will be required, use the same CSV file to run the utility again with the next admin-level credential. The instances that have already been successfully updated will be skipped. Repeat this with different admin-level credentials until all sql instances have the *Status* field set to *Success*.
24
+
> - The admin-level account is used only to provision the least privileged account. Once the least privileged account is created, provide it in the Appliance configuration for the actual discovery and assessment.
25
+
> - If multiple admin-level accounts are required, use the same CSV file to run the utility again with the next admin-level credential. The instances that have already been successfully updated are skipped. Repeat this with different admin-level credentials until all sql instances have the *Status* field set to *Success*.
26
26
27
27
## Prepare the list of SQL Server instances
28
-
The utility requires the SQL Server instances list to be created as a CSV with the following columns in the stated order:
28
+
The utility requires the SQL Server instances list created as a CSV with the following columns in the stated order:
29
29
1. FqdnOrIpAddress (Mandatory): This field should contain the Fully Qualified Domain Name (or optionally the IP Address for SQL Server authentication) of the server where the SQL Server instance is running.
30
30
2. InstanceName (Mandatory): This field should contain the instance name for a named instance or MSSQLSERVER for a default instance.
31
31
3. Port (Mandatory): The port that the SQL Server is listening on.
32
-
4. Status (Optional/Output): This field is to be left blank initially. Any value here other than Success allows the utility to attempt to provision the least privileged account against the corresponding instance. Success or failure is then updated in this field at the end of execution.
32
+
4. Status (Optional/Output): This field can be left blank initially. Any value here other than Success allows the utility to attempt to provision the least privileged account against the corresponding instance. Success or failure is then updated in this field at the end of execution.
33
33
5. ErrorSummary (Optional/Output): Leave blank. The utility updates this field with summary of the errors (if any) that were encountered while provisioning the least privileged account.
34
34
6. ErrorGuidance (Optional/Output): Leave blank. The utility updates this field with detailed error messages (if any) that were encountered while provisioning the least privileged account.
35
35
@@ -43,9 +43,9 @@ The utility requires the SQL Server instances list to be created as a CSV with t
43
43
1. Provide the credentials of the account with admin-level permissions.
44
44
1. Select the credential type by entering 1 for *SQL Account* or 2 for *Windows/Domain Account*.
45
45
1. Provide the username and password for the admin-level account
46
-
1. Now provide the credentials for the least privileged account that needs to be created.
46
+
1. Now provide the credentials for the least privileged account to be created.
47
47
1. Select the credential type by entering 1 for *SQL Account* or 2 for *Windows/Domain Account*.
48
-
1. If you chose *SQL Account* in the previous step, the SQL Server instances in the list should have SQL Server authentication (Mixed Mode) enabled. If a SQL Server instance in the list doesn't have SQL Authentication enabled, the script can optionally provision the account anyway and enable SQL Authentication. However, the instance needs to be restarted before the new SQL Account can be used. If you don't want to proceed with SQL Account provisioning, enter *N* or *n* to go back to the previous step and choose the credential type again.
48
+
1. If you chose *SQL Account* in the previous step, the SQL Server instances in the list should have SQL Server authentication (Mixed Mode) enabled. If a SQL Server instance in the list doesn't have SQL Authentication enabled, the script can optionally provision the account anyway and enable SQL Authentication. However, the instance should be restarted before the new SQL Account is used. If you don't want to proceed with SQL Account provisioning, enter *N* or *n* to go back to the previous step and choose the credential type again.
49
49
1. Provide the username and password for the least privileged account to be provisioned.
50
50
1. If there are more admin-level credentials to be used, start again with the same CSV file. The utility skips instances that are successfully configured.
0 commit comments