February 24, 2008 at 10:59 pm
Hi All,
Can any you tell me, what would happen if i delete the "BUILTIN\Administrators" login from my system and also the use of the same.
---
February 24, 2008 at 11:50 pm
Hi,
Impact of removing this group is your system administrators will not be able to access SQL Server and possbily the service accounts. Please have a read of following document for further background information.
http://support.microsoft.com/kb/932881
Thanks,
Phillip Cox
MCITP - Database Administrator
February 25, 2008 at 9:13 am
I used to delete this account, but I have started just removing it from the sysadmin group. I know my Network Admin's don't need sysadmin access to my SQL Servers.
Jack Corbett
Consultant - Straight Path Solutions
Check out these links on how to get faster and more accurate answers:
Forum Etiquette: How to post data/code on a forum to get the best help
Need an Answer? Actually, No ... You Need a Question
February 26, 2008 at 3:12 am
It is good practice to remove the BUILTIN/Administrators login.
Before you do this, there is an obvious bit of work to do:
a) Get a Windows group created for the DBAs
b) Add the DBA accounts to the DBA group
c) Add the DBA group as a SQL login
d) Grant the DBA group System Administrator rights
If you run Analysis Services, you should also add the DBA group as to the AS Server role, and disable local administrators from being AS administrators.
Original author: https://github.com/SQL-FineBuild/Common/wiki/ 1-click install and best practice configuration of SQL Server 2019, 2017 2016, 2014, 2012, 2008 R2, 2008 and 2005.
When I give food to the poor they call me a saint. When I ask why they are poor they call me a communist - Archbishop Hélder Câmara
February 27, 2008 at 7:38 am
If the instance of SQL Server is clustered you will also need to make sure the cluster service account has been explicitedly added as a login or a group it is a member has been granted access. If you do not do this SQL Server will not come on line.
February 28, 2008 at 9:05 am
Removing BUILTIN\ADMINISTRATORS and adding a service account is the recommended config in SQL Server. So you are on the right way.
Cheers,
Sugeshkumar Rajendran
SQL Server MVP
http://sugeshkr.blogspot.com
March 18, 2009 at 12:39 pm
Any thoughts on the sql server agent / default profile for dbmail? One of my clients removed the builtin administrator and all the jobs we had running have failed. I haven't logged on to see if I can easily see what needs to be done but I thought I would ask here while I'm trying to figure that out. Thank you! Jamie
March 18, 2009 at 1:03 pm
Never mind! Thank you anyway. 🙂
Viewing 8 posts - 1 through 7 (of 7 total)
You must be logged in to reply to this topic. Login to reply