BuiltIn\Administrators group is present as a login on Biztalk SQL Server (database server) and is a member of the sysadmin role in it. As part of our security policy, our IT security team wants it to be removed from this role and also as a login from this server. Does removing BuiltIn\Administrators from sysadmin role have any impact on the Biztalk server and database server and the overall biztalk functionality. Our Biztalk server 2006 (applications) and SQL database server (containing messagebox, management database etc) are hosted on different machines.
Hi,
The reason why builtIn\Administrators group has the sysadmin role is because, during the SQL setup, you have probably selected that this group might be added to the sysadmin role.
You can remove the builtIn\Administrators if you are sure that there is an account that has sysadmin rights, otherwise, you could lock yourself out ( if you need sysadmin rights)
Regards