Accounts and groups that are installed by Systems Management Server 2003 (826843)

MORE INFORMATION

The accounts that are created in the SMS hierarchy depend on whether you select Standard Security or Advanced Security when you install SMS 2003. Some of the accounts and the groups that are created are:

SMS Client Connection account	This domain account is created by Setup. Only one account per site is created. However, the administrator can create as many accounts as are required to address specific security issues.	SMSClient_site code
Site System to Site Server Connection group	This domain group contains user accounts or computer accounts that are used to connect remote site systems to the site server computer.	SMS_SiteSystemToSiteServerConnection_site code
Site System to SQL Server Connection group	This domain group is used to connect remote site systems to the SQL server.	SMS_SiteSystemToSQLConnection_site code
Site System to Site System Connection group	This domain group contains user accounts or computer accounts that are used by other site servers in the SMS hierarchy to connect to the site server.
SMS Service account	This account is used by the SMS site components	Administrator's choice
SMS Client user token account	This is an internal Systems Management Server account. Only one of these accounts is created per domain, regardless of the number of sites installed in that domain.	SMSCliToknAcct&
SMS Client services account	One of these accounts is created for each domain controller in the enumerated domain, regardless of the number of sites in that domain.	SMS&_Domain_Controller_Name
SMS Remote service account	This account is used to run the SMS Executive service on Client Access Points (CAPs) other than the site server.	SMSSvc_site code_xxxx

The following guidelines can be used to calculate the number of accounts that SMS 2003 will create:

SMS Client Network Connection account:	1 x <number of sites in domain>
SMS Server Network Connection account:	1 x <number of sites>
SMS Remote Service account:	2 x <number of CAPs per site>(default is 1 CAP per site)
SMSCliToknAcct& account:	1 x <number of domains>
SMS&_DC_Name account:	1 x <number of DCs in the enumerated domain, regardless of the number of sites

The following scenario is an example of a medium-sized company with 10 domain controllers.

The company has 9 resource domains and 1 master domain. Each domain controller is its own SMS 2003 site server. The total number of accounts that are created may be similar to the following:

SMS Client Connection account:	1 x 10 = 10	1 site per domain
SMS Server Connection account:	1 x 10 = 10
SMS Remote Service account:	2 x 10 = 20
SMSCliToknAcct& account:	1 x 10 = 10
SMS&_DC_Name account:	1 x 10 = 10
	Total : 60 accounts

For additional information about Standard Security and Advanced Security in SMS 2003, and about the accounts and the groups that are created with each security mode, review the following topics in the SMS Online Library:

• About SMS Remote Service Accounts
• Common Server Accounts
• Complete List of SMS Accounts
• Managing Accounts Through Site Setup and Site Reset
• Minimizing the Number of Accounts SMS Uses
• Planning for SMS Account Lifecycles
• SMS Advanced Security
• SMS Database Accounts and Roles
• SMS Security Account Principles
• Tightening SMS Security
• Using Optional Accounts

To find these topics, follow these steps:

1. Click Start, point to All Programs, point to Systems Management Sever, and then click SMS Online Library.
2. In the search box, type the topic name, and then click List Topics.