Do any of the service accounts (accounts used by SQL Server, Share Point, etc.) need to be members of the built-in administrators group? These accounts are not members of Domain Admins, but rather the built-in “Administrators” group. If I’m understanding this correctly, this would be the well-known SID S-1-5-32-544. That’s the built-in administrators group that is the local admin group for every computer.
*This post is locked for comments
I have the same question (0)
