About the Server Locator Point Database Connection Account
Updated: July 1, 2009
Applies To: System Center Configuration Manager 2007, System Center Configuration Manager 2007 R2, System Center Configuration Manager 2007 R3, System Center Configuration Manager 2007 SP1, System Center Configuration Manager 2007 SP2
By default, the Microsoft System Center Configuration Manager 2007 server locator point uses its computer$ account when connecting to the site database, but you can configure an alternate account. If configured, the Server Locator Point Connection Account is used by server locator points to read information from the site database.
Required rights and permissions
If you configure this account, you must manually add it to the smsdbrole_SLP role in the Configuration Manager site database so that the server locator point obtains the required rights and permissions. If you do not configure this account, the server locator point's computer$ account is automatically added to smsdbrole_SLP.
Account and password creation
The account is not automatically created. The Configuration Manager 2007 Administrator creates the account and manages the password.
The account can be created anywhere where it can be added to the smsdbrole_SLP role in the Configuration Manager site database.
The administrator changes the account or password in the operating system, then configures Configuration Manager 2007 to use the new account or password. If the existing account is replaced with another account, the administrator must manually add it to the smsdbrole_SLP role in the Configuration Manager site database.
Security best practices
Use the computer account instead of creating a connection account.
If you use this account, create it as a local account on the computer running SQL Server.
Do not grant this account interactive logon rights.
For additional information, see Configuration Manager 2007 Information and Support.
To contact the documentation team, email SMSdocs@microsoft.com.