Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 563
  • Last Modified:

SQL Sever 2005 Local System Account & Network Permissons Question

SQL server 2005, Server 2003 not using AD.  Standalone Server.  What if I don't use the local system account and instead create 1 local account for the SQL Agent Service and SQL Service.  Would I then be able to  assign all the necessary permissions to this account that would allow me to run the product and also connect to other resource on other computers?  Some of the informaiton I am reading says that the Agent must be configured as a member of the sysadmin fixed server role in SQL server.  Could I not just assign the local account I create to this server role?  Allow access to this computer via network is an option on the under local security policy I can also add this account to.
0
kdschool
Asked:
kdschool
  • 2
1 Solution
 
imitchieCommented:
That looks like it will work.  As you said, just remember to add the user to the sysadmin role
0
 
mcmonapCommented:
Hi kdschool,

>>>>
SQL server 2005, Server 2003 not using AD.  Standalone Server.  What if I don't use the local system account and instead create 1 local account for the SQL Agent Service and SQL Service.
<<<<
I would do this regardless.  All good.

>>>>
Would I then be able to  assign all the necessary permissions to this account that would allow me to run the product and also connect to other resource on other computers?
<<<<
The windows account will will allow you to run the product, it won't allow you to connect to other resources on other computers unless you set this up seperately.  This is not a SQL thing, it ia windows authentication thing.

>>>>
Some of the informaiton I am reading says that the Agent must be configured as a member of the sysadmin fixed server role in SQL server.
<<<<
The account is required to be a sysadmin. see here:
http://msdn2.microsoft.com/en-us/library/ms191543.aspx

>>>>
Could I not just assign the local account I create to this server role?
<<<<
Yes, as per last question

>>>>
Allow access to this computer via network is an option on the under local security policy I can also add this account to.
<<<<
Yes - this is a windows policy though, not SQL, it will not give the account permissions on other machines, you must deal with Windows authentication for that to work.
0
 
kdschoolAuthor Commented:
mcmonap: Can you please clarify  this response?
Yes - this is a windows policy though, not SQL, it will not give the account permissions on other machines, you must deal with Windows authentication for that to work

Are you saying if both servers have the same account with the same permissions in windows then I should be able to share resources between them... even SQL data ?  I have a back-up server that I want to use to duplicate the databases so that if server goes down I can just have DNS point to back-up server and they would have same data there.  I would want to use the SQL Server Management Studio to do this if possible.  This is my main concern sharing resources between SQL servers and also for backing up data to external resources since I am forced to use a local password. Thanks so much.

 
 
 
0
 
mcmonapCommented:
Hi kdschool,

>>>>
Are you saying if both servers have the same account with the same permissions in windows then I should be able to share resources between them... even SQL data ?
<<<<
No, I don't think this will be possible in the way you want.  To use windows authentication across a number of computers I think you must be in a windows domain environment (it may work if you have the same usernames and passwords on computers in a workgroup but I don't have resources to test at present).  In this instance you would need to use SQL Server authentication

>>>>
I have a back-up server that I want to use to duplicate the databases so that if server goes down I can just have DNS point to back-up server and they would have same data there
<<<<
Have you considered database mirroring for this task?  I think you need to use certificated authentication in a non-domain environment.
Mirroring FAQ: http://www.microsoft.com/technet/prodtechnol/sql/2005/dbmirfaq.mspx
Certificate autherntication: http://msdn2.microsoft.com/en-us/library/ms186360.aspx
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now