Hello... kind of a "newbie" question here, but appreciate the insight.
In order to bring our systems in line with best practices, I'm changing a couple of SQL instances from running under LocalSystem to running under a specific account. Same goes for the SQL Agent.
Note that these accounts are local Windows accounts, not AD accounts.
I've made all the Books Online-recommended security settings but was wondering the following:
Should the Agent/Server accounts be part of the Users group? In other words, are the permissions specified in Books Online ALL that's needed (and I can therefore remove them from the Users group)?
Should the Agent/Server account be allowed to logon locally?
Thanks for tips.
May 28, 2004 1:12 PM
June 3, 2004 8:56 PM