Re: SQL2000 SA Account

From: Graham Mitchell (spam_at_ceicmh.org)
Date: 05/15/03 

Date: Thu, 15 May 2003 14:16:18 -0400

Unfortunately we have to leave it in mixed mode, as the application we're
going to install only works with SQL Authentication.... sigh..... Another
reason for trying to get rid of the SA account, is that some programmers
think that the solution for any permission problems is to use SA.. so I'd
like to get rid of it to remove the temptation. I think I'll just change the
password and 'forget it'....:)

Graham

"Jasper Smith" <jasper_smith9@hotmail.com> wrote in message
news:ufsk$PwGDHA.432@TK2MSFTNGP12.phx.gbl...
> Do you use SQL authentication for anything, if not then
> you can change the server to Windows only. However,
> regardless of this make sure the sa login has a very strong
> password and lock it away. The trouble is that anyone
> who is a sysadmin can change the sa password without
> knowing what it currently is so it won't do a hell of a lot of
> good. As you have discovered, you can't remove the sa login
> or remove it from the sysadmin role.
>
> --
> HTH
>
> Jasper Smith (SQL Server MVP)
>
> I support PASS - the definitive, global
> community for SQL Server professionals -
> http://www.sqlpass.org
>
> "Graham Mitchell" <spam@ceicmh.org> wrote in message
> news:%23j0MDDvGDHA.2852@tk2msftngp13.phx.gbl...
> > We've set up each of our programmers with their own Active Directory
> > SQLAdmin account, made them members of the SQL Server Admin group in AD.
> The
> > AD group has been added to the SQL server login IDs, and been given the
> > system administrator role.
> >
> > What I'd like to do now is to basically turn the SA account into a
'user'
> > account, with as few rights as possible (actually, I'd like to delete
it,
> > but you can't do that)... What's the best way to go about this...? Any
> > suggestions and pointers are gratefully accepted.
> >
> >
> > Graham
> >
> >
>
>

Relevant Pages

  • Re: Error 15401 using sp_grantlogin (not addressed by current KB articles)
    ... Restarting Windows 2000 resolved the problem for this particular account, ... confused when it sees a duplicate SID. ... > One way to get SQL Server to agree with the renamed NT ... > Preview (to ensure the script was created), ...
    (microsoft.public.sqlserver.security)
  • Re: SharePoint V3 Install Error
    ... But it our case it had to do with Group Policies that forbid the account of ... WSS FAQ:www.wssv3faq.com/wss.collutions.com ... Event Source: WindowsSharePointServices3Search ... whatever you are installing WSS as sufficient rights to the SQL Server ...
    (microsoft.public.sharepoint.windowsservices)
  • RE: Problems with WebParts
    ... to a database called aspnetdb. ... > The connection string specifies a local SQL Server Express instance using a ... > server account must have read and write access to the applications directory. ... > This is necessary because the web server account will automatically create ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Cannot connect to Query Analyzer
    ... For Query Analyzer, I tried replacing the file as you suggested but had the ... same results (Enterprise Manager starts up fine, ... I created an account on my laptop and changed SQL ... Try replacing the MMC app for SQL Server from the original ...
    (microsoft.public.sqlserver.connect)
  • Re: VS2005: SQL Debugging "T-SQL execution ended without debugging. You may not have sufficient
    ... > account also must be a member of the sysadmin role in the target SQL ... and the Windows firewall is disabled on both client & server. ... to the remote SQL Server 2005. ... But I'm still getting the "T-SQL execution ended without debugging. ...
    (microsoft.public.vsnet.debugging)