I need to use gMSA account to connect SQL Server from my delphi application. So, can I use delphi's LogonUser() to get handle to impersonate this gMSA account? If yes, what password I need to supply as an argument to this LogonUser()?
Please advise.
Asked
Active
Viewed 443 times
1 Answers
2
The S stands for Service. If you are running as a service written in Delphi you just set your SQL Server connection component in Delphi to use OS Authentication. No user name or password required.
If you are running as an application then no - Group Managed Service Accounts are not for you.
Brian
- 6,717
- 2
- 23
- 31
-
I am using an application. Due to security reasons I cannot use SQL user authentication. – D. Venkata Naresh Jan 09 '20 at 18:49
-
If you set the SQL Server client connection to use OS Authentication it will use the logged in user to authenticate to SQL Server. Or you can use [runas](https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc771525(v=ws.11)) when launching your app to run it as a different user. In neither case do you fill in a user name or password in the SQL Server client connection. – Brian Jan 09 '20 at 19:58
-
We can use impersonation to pass other user's security context instead of logged-in user. I tried this and it is connecting to the database with no issues. But here, I need to save password somewhere. Instead of that I would like to use gMSA account for impersonation. But I don't know, what password I need to supply as an argument to this LogonUser()? I tries with empty string and with nil. both failed – D. Venkata Naresh Jan 09 '20 at 20:56