Re: Problem changing Service Accounts
From: Steve Thompson (SteveThompson_at_nomail.please)
Date: 04/26/04
- Previous message: Alec MacLean: "Granting EXEC to all my user sprocs in one hit"
- In reply to: David Riddiford: "Problem changing Service Accounts"
- Next in thread: David Riddiford: "Re: Problem changing Service Accounts"
- Reply: David Riddiford: "Re: Problem changing Service Accounts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 26 Apr 2004 14:03:58 -0400
The following article does a nice job of laying out which registry, NTFS and
other permissions are required to modify the service account to a non-admin
account. You don't have to use EM to make the change, the permissions have
to be correct or the change will fail.
http://support.microsoft.com/default.aspx?scid=kb;en-us;283811&Product=sql2k
Steve
"David Riddiford" <anonymous@discussions.microsoft.com> wrote in message
news:50C3327A-4284-4177-A2A8-B5314EA61CCA@microsoft.com...
> Hi,
>
> I have a standalone machine running XP Professional and SQL Server 2000
Developer Edition.
>
> I am using Microsoft Baseline Security Analyser 1.2 to ensure that the
machine is secure as I can get it.
>
> One of the suggestions was to change the service account for SQL Server
and Agent from LocalSystem to another account with less rights.
LocalService, NetworkService, or a domain account were all options.
>
> Various threads and information on msdn suggest that changing the service
accounts using Enterprise Manager is the way to go because it automatically
sets the correct permissions for the selected account and doesn't muck up
full text search in the process.
>
> However, no matter what I do, I can't seem to get Enterprise Manager to
recognize any account other than LocalSystem. I have tried using a fully
qualified name for a user that I have set up to do it. I have also tried
LocalService but without any success.
>
> I have also tried using the services list in computer management to change
the accounts and this works, but then the service won't start because it
doesn't have the right permissions. I'd prefer to let Enterprise Manager
handle this itself.
>
> If anyone has any suggestions on how to resolve this problem it would be
greatly appreciated.
>
> Thanks,
> David.
- Previous message: Alec MacLean: "Granting EXEC to all my user sprocs in one hit"
- In reply to: David Riddiford: "Problem changing Service Accounts"
- Next in thread: David Riddiford: "Re: Problem changing Service Accounts"
- Reply: David Riddiford: "Re: Problem changing Service Accounts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
