BUILTIN\ADMINISTRATORS EVENT 6013
- From: "JD" <ntborg@xxxxxxxxx>
- Date: Fri, 24 Feb 2006 23:09:55 -0600
I have been getting a weird SQL event message the applications event log. I
am running
sql 2000 sp 3a
windows 2003 standard server sp1
I removed the BUILTIN\ADMINISTRATORS account. Is there somthing I missed
when removing this account. I was told the NT AUTHORITY\SYSTEM account can
lead to sql injection attacks. Some say just add the builtin administrators
account back but it goes against best practices and I would like to work
around it. iS this possible... Seems like I have been running into more
problems by removing this account. Any help is appreciated.
Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize. hr
= 0x80040e4d. SQLSTATE: 42000, Native Error: 18456
Error state: 1, Severity: 14
Source: Microsoft OLE DB Provider for SQL Server
Error message: Login failed for user 'NT AUTHORITY\SYSTEM'.
0000: 2d 20 43 6f 64 65 3a 20 - Code:
0008: 53 51 4c 43 4f 4e 4e 43 SQLCONNC
0010: 30 30 30 30 30 34 39 31 00000491
0018: 2d 20 43 61 6c 6c 3a 20 - Call:
0020: 53 51 4c 43 4f 4e 4e 43 SQLCONNC
0028: 30 30 30 30 30 33 39 37 00000397
0030: 2d 20 50 49 44 3a 20 20 - PID:
0038: 30 30 30 30 32 38 38 30 00002880
0040: 2d 20 54 49 44 3a 20 20 - TID:
0048: 30 30 30 30 34 38 30 34 00004804
0050: 2d 20 43 4d 44 3a 20 20 - CMD:
0058: 43 3a 5c 57 49 4e 44 4f C:\WINDO
0060: 57 53 5c 53 79 73 74 65 WS\Syste
0068: 6d 33 32 5c 76 73 73 76 m32\vssv
0070: 63 2e 65 78 65 20 20 20 c.exe
0078: 2d 20 55 73 65 72 3a 20 - User:
0080: 4e 54 20 41 55 54 48 4f NT AUTHO
0088: 52 49 54 59 5c 53 59 53 RITY\SYS
0090: 54 45 4d 20 20 20 20 20 TEM
.
- Prev by Date: Error when trying to execute a job from windows service.
- Next by Date: Re: SQL 2000 drops connection, DDOS attack?
- Previous by thread: Error when trying to execute a job from windows service.
- Next by thread: Re: sql server 2000/adp security problem
- Index(es):
Relevant Pages
|
|
