Startup Service Account dimmed | SQL Server Performance Forums

SQL Server Performance Forum – Threads Archive

Startup Service Account dimmed

Hi, I want to change from System account to Domain account, however, the Startup Service Account section is dimmed? What should I do?
Found the solution. It was becuase I am not the administrator in that server. Thanks!
Nice troubleshooting, make sure that Domain account does have all necessary admin privileges this time <img src=’/community/emoticons/emotion-5.gif’ alt=’;-)’ />.<br /><br />_________<br />Satya SKJ<br />Moderator<br />SQL-Server-Performance.Com<br />
FYI with your services starting with the domain admin, changes to the domain or domain administrator can cause SQL to not start. It’s not a big deal if you know the problem, but I have seen several people panic from these results.
Sorry if I’m misinterpreting the comments here, but I would NEVER run SQLServer using a domain admin account… I can’t think of any reason why you’d want to do that. I would also be reluctant to use an account that is a local administrator, since again most of the time it is not required… A standard domain account, with only the rights as assigned by Enterprise Manager, plus access to additional backup directories, etc. should work for almost any situation Cheers
Twan, are you talking about the SQL security manager or the services permissions. If you are talking about the services why not use the system account if you already have your server secure. I also hope that the domain admin is kept safe, if not then nothing is safe in the domain. I look forward to hearing your thoughts as I could be missing something. Most of my experience is in Windows with one year of work in SQL.

Hi there, I am talking about the NT accounts used for the SQLServer and SQLAgent services. You often require a domain account to allow cross-server communication and backing up to a location on the network, etc. The mistakes often made are to use a local administrator or even worse a domain administrator account to do this. A less-than-ideal written application, or a lapse in assigning SQL privileges can easily result in the service account being compromised. Either a local or a domain administrator account would not be a good account to have compromised… The account(s) used for the services will need the sysadmin role in SQL to be able to function, along with a whole set of rights, file and registry permissions (luckily these are assigned for us by Enterprise Manager when we set up the account) Cheers