• Tony Sweet (4/24/2014)


    Think about it - if the other sysadmin leaves the company you now need to remove that from 50-100 servers. While this is easy to do with Powershell or something like that, you need to have the access setup before hand for this to work. If you are using AD groups then you just remove him from the group once, and it effects all 50-100 instances.

    A counter point to this is that when an employee leaves the company, his/her AD account is typically disabled (and eventually deleted). It's a single action that removes all access (sysadmin or otherwise) from all the SQL servers.