Solved

SQL Sever 2005 Local System Account & Network Permissons Question

Posted on 2007-11-19
4
504 Views
Last Modified: 2008-02-01
SQL server 2005, Server 2003 not using AD.  Standalone Server.  What if I don't use the local system account and instead create 1 local account for the SQL Agent Service and SQL Service.  Would I then be able to  assign all the necessary permissions to this account that would allow me to run the product and also connect to other resource on other computers?  Some of the informaiton I am reading says that the Agent must be configured as a member of the sysadmin fixed server role in SQL server.  Could I not just assign the local account I create to this server role?  Allow access to this computer via network is an option on the under local security policy I can also add this account to.
0
Comment
Question by:kdschool
  • 2
4 Comments
 
LVL 25

Expert Comment

by:imitchie
ID: 20314604
That looks like it will work.  As you said, just remember to add the user to the sysadmin role
0
 
LVL 15

Expert Comment

by:mcmonap
ID: 20315182
Hi kdschool,

>>>>
SQL server 2005, Server 2003 not using AD.  Standalone Server.  What if I don't use the local system account and instead create 1 local account for the SQL Agent Service and SQL Service.
<<<<
I would do this regardless.  All good.

>>>>
Would I then be able to  assign all the necessary permissions to this account that would allow me to run the product and also connect to other resource on other computers?
<<<<
The windows account will will allow you to run the product, it won't allow you to connect to other resources on other computers unless you set this up seperately.  This is not a SQL thing, it ia windows authentication thing.

>>>>
Some of the informaiton I am reading says that the Agent must be configured as a member of the sysadmin fixed server role in SQL server.
<<<<
The account is required to be a sysadmin. see here:
http://msdn2.microsoft.com/en-us/library/ms191543.aspx

>>>>
Could I not just assign the local account I create to this server role?
<<<<
Yes, as per last question

>>>>
Allow access to this computer via network is an option on the under local security policy I can also add this account to.
<<<<
Yes - this is a windows policy though, not SQL, it will not give the account permissions on other machines, you must deal with Windows authentication for that to work.
0
 

Author Comment

by:kdschool
ID: 20319696
mcmonap: Can you please clarify  this response?
Yes - this is a windows policy though, not SQL, it will not give the account permissions on other machines, you must deal with Windows authentication for that to work

Are you saying if both servers have the same account with the same permissions in windows then I should be able to share resources between them... even SQL data ?  I have a back-up server that I want to use to duplicate the databases so that if server goes down I can just have DNS point to back-up server and they would have same data there.  I would want to use the SQL Server Management Studio to do this if possible.  This is my main concern sharing resources between SQL servers and also for backing up data to external resources since I am forced to use a local password. Thanks so much.

 
 
 
0
 
LVL 15

Accepted Solution

by:
mcmonap earned 500 total points
ID: 20331303
Hi kdschool,

>>>>
Are you saying if both servers have the same account with the same permissions in windows then I should be able to share resources between them... even SQL data ?
<<<<
No, I don't think this will be possible in the way you want.  To use windows authentication across a number of computers I think you must be in a windows domain environment (it may work if you have the same usernames and passwords on computers in a workgroup but I don't have resources to test at present).  In this instance you would need to use SQL Server authentication

>>>>
I have a back-up server that I want to use to duplicate the databases so that if server goes down I can just have DNS point to back-up server and they would have same data there
<<<<
Have you considered database mirroring for this task?  I think you need to use certificated authentication in a non-domain environment.
Mirroring FAQ: http://www.microsoft.com/technet/prodtechnol/sql/2005/dbmirfaq.mspx
Certificate autherntication: http://msdn2.microsoft.com/en-us/library/ms186360.aspx
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

This article will describe one method to parse a delimited string into a table of data.   Why would I do that you ask?  Let's say that you need to pass multiple parameters into a stored procedure to search for.  For our sake, we'll say that we wa…
When writing XML code a very difficult part is when we like to remove all the elements or attributes from the XML that have no data. I would like to share a set of recursive MSSQL stored procedures that I have made to remove those elements from …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now