Hardening SQL Server Security

  • Hi,

    Why do we need to remove the BUILTIN\Administrators group to harden security? I could see almost 10+ accounts in the NT group, as users as well as groups. Is using exec sp_revokelogin [BUILTIN\Administrators] the correct practice?

    How could we find out the service account of the SQL server?

    I am sorry to have a handful of questions. But can someone please throw some light?

  • Hi,

    Usually the recommendation to remove BUILTIN\Administrators is made because the group contains everyone with administrative rights on the server, including those who may not be SQL Server administrators. You should add the SQL Server administrators' logins to SQL Server and make them members of the sysadmin fixed server role before removing BUILTIN\Administrators.

    You can either remove the group altogether with sp_revokelogin or just remove the group from the sysadmin role.

    You can find the service account in Enterprise Manager by right-clicking on the server name and selecting "properties" then selecting the "Security" tab. The login will be listed in the Startup Service Account section.

    If you have access to the server, you can also see the service account by looking in Local Services.

    Greg
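
The order of operations described in the reply above, as an added T-SQL example that is not part of the original posts. CORP\SQLAdmins is a placeholder for the Windows group (or login) that holds your real SQL Server administrators; the guard against master.dbo.syslogins is an added safety check so the built-in group is only touched once a replacement sysadmin exists.

```sql
-- Added example. CORP\SQLAdmins is a placeholder name, not from the thread.

-- 1. Give the real DBAs their own login and sysadmin membership FIRST.
EXEC sp_grantlogin N'CORP\SQLAdmins';
EXEC sp_addsrvrolemember N'CORP\SQLAdmins', N'sysadmin';

-- 2. Review every login that currently holds sysadmin, so nothing that
--    depends on BUILTIN\Administrators is overlooked. If the SQL Server
--    service account reaches the instance only through membership in the
--    local Administrators group, grant it its own login before step 3.
SELECT name, isntgroup, isntuser
FROM master.dbo.syslogins
WHERE sysadmin = 1
ORDER BY name;

-- 3. Touch BUILTIN\Administrators only if the replacement is in place.
IF EXISTS (SELECT 1
           FROM master.dbo.syslogins
           WHERE name = N'CORP\SQLAdmins'
             AND sysadmin = 1
             AND hasaccess = 1)
BEGIN
    -- Option A: keep the login but take away sysadmin.
    EXEC sp_dropsrvrolemember N'BUILTIN\Administrators', N'sysadmin';

    -- Option B: remove the login altogether (use instead of Option A).
    -- EXEC sp_revokelogin N'BUILTIN\Administrators';
END
ELSE
BEGIN
    RAISERROR('No replacement sysadmin login found; BUILTIN\Administrators left unchanged.', 16, 1);
END

-- 4. Confirm the result.
EXEC sp_helpsrvrolemember N'sysadmin';
```

Run step 3 from a session that is logged in through the replacement group or login, so a mistake shows up before the built-in group's access is gone.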
