October 4, 2011 at 5:07 pm
Put service account as local admin group will save lots of permission issue , so. wondering besides security concern, what else is really the big problem to run sql service account as local admin group member ?
ddfg
October 4, 2011 at 7:38 pm
It is one of the standard security policy of Microsoft ..
However , I prefer it much to be done after finishing the installation to guarantee just sufficient ACL permissions are there....
Now, the symptom here is how to remove it safely, for that wise you could refer to the Microsoft link below in details :
http://msdn.microsoft.com/en-us/library/ms143504.aspx
[font="Arial Black"]Performance Guard[/font]
[font="Courier New"]Just ask me to get 0 sec for all queries[/font]
October 4, 2011 at 8:06 pm
awu (10/4/2011)
Put service account as local admin group will save lots of permission issue , so. wondering besides security concern, what else is really the big problem to run sql service account as local admin group member ?
The first thing that comes to mind is if you need to access resources on another server, local admin will not work.
For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/
For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
October 5, 2011 at 10:44 am
awu (10/4/2011)
Put service account as local admin group will save lots of permission issue , so. wondering besides security concern, what else is really the big problem to run sql service account as local admin group member ?
Do you need more of a reason not to do it besides security? Choose an account that has only the permissions required to get the job done, nothing more, nothing less.
There are no special teachers of virtue, because virtue is taught by the whole community.
--Plato
October 5, 2011 at 7:02 pm
"The Local System account option is provided for backward compatibility only. The Local System account has permissions that SQL Server Agent does not require. Avoid running SQL Server Agent as the Local System account. For improved security, use a Windows domain account..."
http://msdn.microsoft.com/en-us/library/ms191543.aspx
For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/
For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply