Surpassing database account credential issues
The XenDesktop site central-database is accessed by the services running on each controller. These services' access to the database is controlled by Active Directory machine accounts. The controller machine accounts and users are provided sufficient minimum database access privileges to carry out the daily operations.
Using machine accounts presents a simple and secure model to safeguard critical data in XenDesktop database. However, there are some administrative operations that fall out of scope for these machine accounts' access privileges and in those scenarios, we need to ask the database administrator with elevated privileges to pitch in and perform the tasks via SQL scripts.
The database access flow diagram is as follows:
Note
The XenDesktop service doesn't support use of SQL authentication. This is due to the fact that SQL scripts and SDKs are based on machine account logons and using SQL authentication can expose the SQL passwords through...
