You have just installed a new SQL Server on your network, and you want to make sure no Windows administrator has administrative access on the SQL Server until receiving the proper training. What you do to keep a Windows administrator from trying to administer the new SQL Server and possibly damaging it?

You have just installed a new SQL Server on your network, and you want to make sure no Windows administrator has administrative access on the SQL Server until receiving the proper training. What you do to keep a Windows administrator from trying to administer the new SQL Server and possibly damaging it?

You have just installed a new SQL Server on your network, and you want to make sure no Windows administrator has administrative access on the SQL Server until receiving the proper training. What you do to keep a Windows administrator from trying to administer the new SQL Server and possibly damaging it?


Answer: – Remove the BUILTIN\Administrators account from SQL Server. Then create a SQLAdmins group in Windows, and add all the SQL administrators to the new group. Finally, create a login mapped to the SQLAdmins group, and add it to the sysadminds role.

(The most secure and easiest way to accomplish this task is to remove the Windows Administrators group from the SQL Server and add a new group of your own creation in its place. You do not actually have to remove the login entirely; however, because you have no use for it afterward, you don’t need to keep it around.)