Re: Builtin\Administrators

From: Bill Hollinshead [MS] (billhol@online.microsoft.com)
Date: 10/15/02 

From: billhol@online.microsoft.com ("Bill Hollinshead [MS]")
Date: Tue, 15 Oct 2002 20:14:11 GMT

Hi Mike,

Note the use of "impede" within that article. The article had said
"prevent" before I requested that word be changed to "impede". Imagine an
NT Administrator with a SQL Server CD in hand, a willingness to rebuild the
master database (or reinstall SQL), and the knowledge that they can
reattach databases... Remember that NT Administrators are omnipotent in NT,
thus if you don't trust someone as an administrator then perhaps they
shouldn't be an administrator <g>. However, if you wish to alternatively
prevent administrators from rebuilding master (thus recreating the
BUILTIN\Administrators), then using NT Authentication to log onto SQL
Server as a sysadmin, and finally inspecting some sensitive data (such as
their salary), you can use a third party encryption solution (or write your
own software) to encrypt the data upon the disk and decrypt it based upon
their NT account (or other identifier, and not necessarily based upon that
account's group membership). On the other hand, should you be concerned
that administrators can mess up SQL Server, it would be best to either not
make that account an administrator or it may be better to trust that person
and simply request that they not touch SQL Server (or, you can follow that
article to impede - not prevent - an Administrator's access).

Thanks,

Bill Hollinshead
Microsoft, SQL Server

This posting is provided "AS IS" with no warranties, and confers no
rights. Subscribe to MSDN & use http://msdn.microsoft.com/newsgroups.

Relevant Pages

  • Re: Permission question - another one
    ... I would have thought that Administrator ... Are you asking why is it connecting to SQL Server? ... > and I gave BUILTIN/Administrator this database as its default database. ...
    (microsoft.public.sqlserver.programming)
  • Re: locked out of XP, need file access
    ... how did he suddenly just "forget" the admin password? ... Responding in the positive to his request akin to offering a burglar a set ... You tell the person to find a locksmith to get into their car, ... > even for the administrator mode. ...
    (Security-Basics)
  • Re: Windows Vista Enterprise and SQL Server 2005 Agent
    ... This has nothing to do with SQL Server and this is an expected behaviour of Windows Vista operating systems. ... Cause of those popups and normal-user-like acting is some new security system called User Account Control. ... It all seems to be related to security things, even though I am an administrator. ...
    (microsoft.public.sqlserver.security)
  • Re: Fresh installation and no access
    ... You're not getting access because you're not an administrator when you log ... In previous OS's you had administrator permissions on the database ... You must create a login (to allow connect to SQL Server) then a user to be ...
    (microsoft.public.sqlserver.security)
  • Re: Service Accounts on SQL Server, Best Practices
    ... SQL Server and SQL Server Agent service accounts do not need to be a local administrator or domain administrator for Failover Clustering on Windows 2000 ... If the service account for SQL Server is not an administrator in a cluster, the administrative shares cannot be deleted on any nodes of the cluster. ...
    (microsoft.public.sqlserver.clustering)