Disabling SQL 2000 SA account

Posted on 2005-05-12
Last Modified: 2008-02-20
I have inherited an archaic program that runs on sql 2000 which is directly connected to the internet.  Basically 1433 needs to be open and the box sits on my dmz, so 1433 is exposed to all.  I have closed all other inbound and outbound ports fro this box through my firewall.  I would like to disable the sa account totally.  Is this possible, and if so, what is the best practice to accomplish this?

Question by:rptsysadmin
    LVL 7

    Accepted Solution

    Have you thought about making the security to Windows Authentication only?  (Not Mixed-Mode)

    To remove the sa account you would have to change the database owner for all of the databases where sa was the owner.  Remove SA from the System Administrators role and it might be a good idea to remove Builtin\Administrators from the System Administrator role as well.

    Of course, before you do all this you want to ensure that you have an account that has SysAdmin privileges and that you can login under that account.

    You also may need to modify any jobs that may use SA as the "Run Under" account and also that have SA set as the owner.

    Author Comment

    Yes,  i have thought about changing to windows authentication.  Would that be done ONLY through the registry under loginmode key?  or is there another way to do that?

    i would rather use windows authentication only and not have to worry about removing the sa.
    LVL 7

    Expert Comment

    You go into Properties for the SQL Server (in Enterprise Manager) and change the login mode in the Security tab.
    LVL 7

    Expert Comment

    I provided a solution, and went further by recommending Windows Authentication

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    This is my first ever Article on EE or elsewhere; therefore, please bear with me if I have some discrepancies in my writing. I read many articles and questions related to "how to pass values to SSIS packages at run-time?"  Hence, this common ques…
    International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
    Using examples as well as descriptions, and references to Books Online, show the different Recovery Models available in SQL Server and explain, as well as show how full, differential and transaction log backups are performed
    Using examples as well as descriptions, and references to Books Online, show the documentation available for datatypes, explain the available data types and show how data can be passed into and out of variables.

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    8 Experts available now in Live!

    Get 1:1 Help Now