We have sensitive data that requires the builtin\administrators group be removed so domain admins are unable to see data. When we do this, SQL can continue to run under the local system account, but the SQL Agent cannot.
Does anyone else have a solution that will lockout NT admins (both local and domain) and allow both SQL and the SQL AGENT to run properly?
TIA
Ryan HuntDid you give the new domain account sysadmin rights?
And configure it to start with that account?|||Thanks for the response. I ended up just creating a local admin account for the agent with specific SA rights to the server. Then, had the only department allowed to have access to the data change the password. This seems like the best choice...
Thanks
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment