Re: SQL Server user account

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: "Steve Foster [SBS MVP]" <steve.foster@xxxxxxxxxxxxx>
Date: Wed, 25 Jan 2006 18:38:57 -0800

DavidF wrote:

During SQL Server setup I goofed and did not ask the wizard to create a user account for SQL Server to use. Instead I said to use the builtin Administrator account. Yesterday I was warned that this is a security problem.

After reading the online docs about what permissions are required for the user account, I decided it might be easier to uninstall/reinstall SQL Server. Let the wizard do it.

The default service account for SQL Server is LocalSystem - you didn't have to specify a user at all. Having said that, LocalSystem is almost as bad as Administrator when the machine is a DC.

SQL Server doesn't generally require any special privileges (there are some exceptions, but they don't apply to SBS2003) - so any user account you choose to use for the SQL service account does not need to be an administrator. The only requirements are the usual ones for service accounts (eg non-expiring p/w, "run as a service" privilege, etc.).

Note that SQL Server will of course be limited in what it can do at the OS level based on the service account it runs under.

The most useful advantage of running SQL Server under a named user account is that it can then make use of email.

There's no big deal to changing the service account, you just need to ensure all the requirements are met. If you've not yet deployed any SQL databases, using an uninstall/reinstall might be considered easier.

--
Steve Foster [SBS MVP]
---------------------------------------
MVPs do not work for Microsoft. Please reply only to the newsgroups.
.

Follow-Ups:
- Re: SQL Server user account
  - From: David F

References:
- SQL Server user account
  - From: DavidF

Prev by Date: RE: Add User Wizard Error-no home foler or quota info
Next by Date: Re: Does Remote Management of SBS 2003 require a CAL?
Previous by thread: Re: SQL Server user account
Next by thread: Re: SQL Server user account
Index(es):
- Date
- Thread

Relevant Pages

Re: Windows Vista Enterprise and SQL Server 2005 Agent
... This has nothing to do with SQL Server and this is an expected behaviour of Windows Vista operating systems. ... Cause of those popups and normal-user-like acting is some new security system called User Account Control. ... It all seems to be related to security things, even though I am an administrator. ...
(microsoft.public.sqlserver.security)
Re: The Microsoft Search service cannot be administered under the present user accou
... When you changed the SQL-Service to run with Local User account (with admin ... rights), did you make this change in the SQL Server 2000 Enterprise Manager ...
(microsoft.public.sqlserver.fulltext)
Re: Not associated with a trusted SQL Server connection - Windows
... I checked the user accounts on the SQL server and I ... > Using Windows authentication in SQL server DOES NOT mean that as long as you ... and SQL Server accept who you are as your user account claims. ... > include authentication and authorization. ...
(microsoft.public.dotnet.framework.adonet)
SQL Server 2005 setup
... While attempting to setting up a new user account on a laptop on which SQL Server 2005 Developer edition is installed I receve an error in SQL Server 2005 Surface Area Configuration. ... "The service did not respond to the start or control request in a timely fashion, you need administrator priviledges to be able to start/stop this service. ... A few minures earlier I made the user login a member of the SQL Server SysAdmin role on this machine. ...
(microsoft.public.sqlserver.setup)
Re: SQL open error
... > my connection string. ... > "SQL server does not exist or access denied". ... What user account id the MSSQLServer Windows ... >>> database thru the SQL Server Enterprise Manager. ...
(microsoft.public.dotnet.general)