I learned a hard lesson this week. It turns out what while table updates/ schema updates do get replicated across databases on an Availability Group, changing the DB Owner on the primary replica does not change the DB owner on the secondary replica automatically.
Thus if you perform a failover, the database owner could now be out of sync with the master table's SID.
Should my plan of action when e.g. making a security related change be to
1. Apply change to primary replica
2. Fail over the Availability Group
3. Apply change to the new primary replica
Am I correct in making these statements? Is it only DBOwner/ Schema changes that I must be aware of when I am making changes.
Best Answer
Yes, you need to make sure that databases have the same owner, schema changes will travel along the availability group. This gets problematic when there are changes in database owner as you need to reapply those changes too to the secondary nodes.
If it is possible, you could change owner to SA on every database, then make this change every night and when fail-over happens. When you capture the fail-over you can run this to make SA owner for every database:
EDIT:
If you don't wish to go SA as a owner, you could create table containing the database owners
Filling up the table (make this as a job and schedule it once a hour or something)
As soon as the fail-over has happened, this needs to be run on the new active node: