Problem solve

Limiting the rights of SA

Can you limit rights for the SA login? I know this will open a whole can of worms, but we have a group of SQL Servers with no password. We are trying to figure out the least painful way of correcting this huge security hole. We thought we could create our own "sa" login and password then delete/limit SQL Server's SA login, then change all database owners from SA to our login. I am new to SQL Server and not quite sure of the ramifications of just giving SA a password. None of our applications use SA in the program, so that is good. What about jobs, sp_ ... It's a nightmare and gives me a headache.

SA is an all powerful user. Even if you change the owner SA still can do anything with them. Treat the root cause...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

and assign a strong SA password. I really cannot assess the impact of what assigning an SA password in your environment will be. However, worst case you could always change it back to blank (shock horror) if you discover any issues until you resolve them. The fact databases are owned by sa is not going to be affected by a password change.

For More Information

Dozens more answers to tough SQL Server questions from Tony Bain are available here.
The Best Microsoft SQL Server Web Links: tips, tutorials, scripts, and more.
The Best SQL Web Links
Have a SQL Server tip to offer your fellow DBAs and developers? The best tips submitted will receive a cool prize. Submit your tip today!
Ask your technical SQL Server questions -- or help out your peers by answering them -- in our live discussion forums.
Ask the Experts yourself: Our SQL, database design, Oracle, SQL Server, DB2, metadata, object-oriented and data warehousing gurus are waiting to answer your toughest questions.

This was last published in February 2003

Dig Deeper on Microsoft SQL Server Installation

All
News
Get Started
Evaluate
Manage
Problem Solve

Finding the right problem for SQL Server 2014's in-memory OLTP

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our SQL Server experts

View all SQL Server questions and answers

SearchBusinessAnalytics

For More Information

Related Resources

Dig Deeper on Microsoft SQL Server Installation

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.