Ask the Expert

Limiting the rights of SA

Can you limit rights for the SA login? I know this will open a whole can of worms, but we have a group of SQL Servers with no password. We are trying to figure out the least painful way of correcting this huge security hole. We thought we could create our own "sa" login and password then delete/limit SQL Server's SA login, then change all database owners from SA to our login. I am new to SQL Server and not quite sure of the ramifications of just giving SA a password. None of our applications use SA in the program, so that is good. What about jobs, sp_ ... It's a nightmare and gives me a headache.

    Requires Free Membership to View

SA is an all powerful user. Even if you change the owner SA still can do anything with them. Treat the root cause and assign a strong SA password. I really cannot assess the impact of what assigning an SA password in your environment will be. However, worst case you could always change it back to blank (shock horror) if you discover any issues until you resolve them. The fact databases are owned by sa is not going to be affected by a password change.

 

For More Information

This was first published in February 2003

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: