Windows Security for the DBA (need help)
-
Fellow DBA's, I just started working for a new company that doesn't want to give me windows admin rights to the Sql server boxes that I manage. They will give me the rights if I really want them; however, I think that everyone would be happier if I had some documentation or best practices on granting windows security to DBA's. Every company that I have ever worked for gave me full admin rights to each server that Sql server was installed on. I guess I had always taken it for granted. I am having issues even starting and stopping services as a result. Oh, I could kick and scream about not having access; however, I do not want to be resented for not getting proof.
Suggestions, documentation?
Bobby Johnson
-
This is a very old problem in which politics are always involved. For "normal" day-to-day opearations you *don't* need admin rights. The problem ( in my experience ) comes when something happens on the server and you have an SLA to fullfill and not the necessary rights to perform "certain" actions. I have found that "Power User" works for most situations but for example Server Setup or Service Pack rollup are cases in which being local admin is a good thing
* Noel -
Try the Setting Up Windows Service Accounts topic in Books On-line.
For instance, it says to use Database Engine Tuning Advisor, on first use a user with system administrator privileges must initialize the application.
Also, if you don't have admin rights I'm wondering if you would have enough privileges to apply SQL Server service packs and patches. If you wouldn't, who would be responsible for applying these?
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply