Identical sa loginid | SQL Server Performance Forums

SQL Server Performance Forum – Threads Archive

Identical sa loginid

Hi, For security reasons i need to create an identical login id to "sa" or say "BuiltInAdministrators" with all the system & database rights that the above login id has. Say i create a new id "syad", give the server roles right as System Administrators & database access rights (public & db_owner) to all the databases, but over here the database user is "syad" instead of "dbo" which might result in change of ownership if certain objects are to be created using the "sysd" login. Apart from this is there any other difference between "sa" & "syad" & how do we resolve the above mentioned problem. Thanks Bhushan
option 1: sql user create a new login, grant them the sysadmin role They now have access to allow databases in the same way as sa option 2: windows group create a windows group, create a new login mapping to that group, grant the login sysadmin tole. Now any member of the windows group will act as the sa user, unless other groups explicitly deny access windows group tends to be favoured since it makes it easy to add/remove people, avoids people sharing admin accounts and avoids having to log in (can use pass-through authentication) Cheers
Twan NOTE that you can’t remove the sa account, and it can only be ‘disabled’ is you set the server to Windows Authentication. The BuiltinAdministrators group can be removed if you have admin access via another means (you may need to add other built in accounts if you’re clustering or use full-text search)
Thanks Twan for the reply, iam familiar with the steps you have mentioned but i need to resolve the problem of database user which will be "syad" instead of "dbo" for all the databases, resulting in change of ownership of objects from dbo to syad during creation. Bhushan
The owner of the tables should be dbo if the login has sysadmin rights and no user id in the database… So all objects created with syad should have dbo as their owner… The only exception to this is any new databases created using syad which you’d need to detach and reattach…
]]>