Re: MSSQLServer Service Account

From: Hari Prasad (hari_prasad_k_at_hotmail.com)
Date: 06/28/04 

Date: Mon, 28 Jun 2004 16:11:06 +0530

Hi,

Requirements for Domain User Account

All domain user accounts must have permission to:

Access and change the SQL Server directory (\Program Files\Microsoft SQL
Server\Mssql).
Access and change the .mdf, .ndf, and .ldf database files.
Log on as a service.

Read and write registry keys at and under:
HKEY_LOCAL_MACHINE\Software\Microsoft\MSSQLServer.

-or- for any named instance service:

HKEY_LOCAL_MACHINE\Software\Microsoft\Microsoft SQL Server.
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\MSSQLServer.
-or- for any named instance:

HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\MSSQL$Instancename.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Perflib.

In addition, a domain user account must be able to read and write
corresponding registry keys for these services: SQLAgent$InstanceName,
MSSearch, and MSDTC.

SQL Server startup user should be:-

 Member of local Power Users or local Administrators group

SQL Server Agent should be :-

 Member of the Administrators local group
 Create CmdExec and ActiveScript jobs belonging to someone other than a SQL
Server administrator.

Thanks
Hari
MCDBA

"Phil" <anonymous@discussions.microsoft.com> wrote in message
news:2273a01c45cfd$6a7f85c0$a001280a@phx.gbl...
> Hi,
>
> We have an automated process which imports a file from a
> remote server. Unfortunately this requires the
> MSSQLServer service to be running under a domain account
> in order to be able to access the remote server. I have
> been unable to get SQL Server to start with anything other
> than Domain Admin rights.
>
> Do you know what rights are required for the MSSQLServer
> service to run?
>
> Thanks,
>
> Phil.

Relevant Pages

  • RE: Domain or Local User Account for Laptop SQL 2008 Services
    ... I think I'd like to use a Domain User Account for the SQL 2008 services, but if I do this, will SQL Server function properly when I'm not connected to my network? ... SQL Server will try to connect to your domain controller for establishing authentication at startup if you configured your SQL Server service to a domain user account. ... Microsoft Online Community Support ...
    (microsoft.public.sqlserver.setup)
  • Re: Linked Server Connection Error: 18459
    ... Did either of your SQL Server instances run under a domain user account? ... I recommend that you first ensure that your SQL Server ...
    (microsoft.public.sqlserver.connect)
  • Re: Windows authentication/impersonation.. login failed for user null?
    ... You must make sure that domain user account or the domain security group ... ia mapped to a SQL server login/Sql Server ... database user. ... and then make specific SQL Server login as ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Windows authentication/impersonation.. login failed for user null?
    ... You must make sure that domain user account or the domain security group ... ia mapped to a SQL server login/Sql Server ... database user. ... and then make specific SQL Server login as ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Disallow administrator access
    ... Remove the builtin\Administrators from the SQL Server instead of deny. ... "Todd Hazer" wrote in message ... > I have added my domain user account to the security logins and set ... > Jonas Larsen wrote: ...
    (microsoft.public.sqlserver.security)