I know that Microsoft and everyone else recommends running SMS 2003 and SQL on the same box. Like some larger organizations, we have a centralized data warehouse that this must be run off of.

My questions and/or problem is with the SMS account having Admin rights on the SQL box. Why is that necessary? What does that account do on the box that it needs such rights? I cannot find any documentation on what is done on the SQL box by SMS other than the database rights. Logically, I would expect read/write access to just a database, not a whole server should be sufficient. I am assuming for one, that it will create accounts on the SQL box. What are those accounts and what do they do? What else is done?

Thank you to anyone who can answer my question(s).
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Answers

0
The SMS account should have admin rights on every machine managed through SMS, if it does not then you will not be able to perform monitoring, software installations, hardware accounting and so on. It will also require read and write access to the SMS database on the SQL server to modify the database.
Answered 06/07/2004 by: cdupuis
Third Degree Green Belt

Please log in to comment
0
I was aware about the admin rights for the other machines. My curiosity is in reards to why the SQL server requires the SMS Service account to have admin rights to it. The SQL server will not be managed through SMS in my case, only desktop computers. I do not understand why an admin account on the SQL server is required if its only use is for SMS to read/write to its database.
Answered 06/07/2004 by: virusflashfx
Yellow Belt

Please log in to comment
0
You might not need to have the admin rights if you choose not to manage the server. All I was saying that in the event that you were then it may have been a good idea.
Answered 06/07/2004 by: cdupuis
Third Degree Green Belt

Please log in to comment
0
The response I got from Microsoft was this, incase anyone was curious:

SMS creates a service (smsdbmon) on the SQL Server in order to monitor
changes to objects and fire change notifications back into the site.
This service also handles scheduling and execution of tasks such as backup
and the delete aged discovery task.
(And it monitors the health of the SMS database)
Admin rights are required to install a service.
Answered 06/08/2004 by: virusflashfx
Yellow Belt

Please log in to comment
0
Yes, but once the service is installed, does SMS require the ability to stop/start/pause that service?. In that case it may be possible to install that service on the SQL box with temporary admin rights, then revoking those rights after? Might be worth a test run in the lab.
Answered 06/08/2004 by: cdupuis
Third Degree Green Belt

Please log in to comment
Answer this question or Comment on this question for clarity