My understanding of the SA user account is that it should be used sparingly. As in, give it a complex password, lock it up in a safe and use it only in emergencies. If no one knows the password, the account theoretically can't be used to access the server/s.
If you can do the above and make all of your Administrators members of the "sysadmin" fixed server role, will this accomplish what's being discussed? If you need to restrict all Administrators from this specific database, don't assign anyone to the "sysadmin" role. However, this will probably complicate your life as you try to administer your system/s.
Any thoughts on the SA account use, and how much it should be used, or is commonly used?
cabby2583
Always Learn!