March 13, 2003 at 12:02 pm
In SS2K, has anyone removed the BUILTIN\Administrators Login?
Do you recommend it?
Do you recommended against it?
Thanks in advance,
Billy
March 13, 2003 at 12:15 pm
try denying access better
March 13, 2003 at 3:29 pm
There are some cases where you can't without some prior steps:
Full-text indexing - Add NT Authority\System and make it a sysadmin
Clustered Instance - Add the Cluster servic account and make it a sysadmin
In the first case, Full-Text Indexing will break if you don't (and anything other than LocalSystem isn't supported because you may end up with either (a) pegged CPUs, (b) AccVio's, or (c) both. In the second case, SQL Server will be dead.
Those are two basic prep steps.
K. Brian Kelley
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance Monitoring
http://www.netimpress.com/shop/product.asp?ProductID=NI-SQL1
K. Brian Kelley
@kbriankelley
March 14, 2003 at 10:44 pm
Do not Deny access in an Clustered Instance because you also will deny the cluster service account that you have to add. Just remove the group BUILTIN\Administrator.
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply