background image

Configuring Your Target Machines

271

Figure A-2: Setting SQL Server IP addresses in the TCP/IP 
Properties dialog

By default, the SQL Server runs under the low-privilege Network Service 

account, which is a great default. However, it’s not entirely realistic for what 
we find deployed in the field, and often administrators change this rather 
than trying to troubleshoot permissions issues.

On most target systems, we have found that the SQL Server Browser 

service is running as an elevated SYSTEM-based account. Most systems have 
the SQL Server Service logged on as Local System, the default in older versions 
of Microsoft SQL Server (2000 and earlier). Therefore, you should change 
the account by double-clicking 

SQL Server (SQLEXPRESS)

 and setting 

Log 

on as

 to 

Local System

.

 Click 

OK

 when you have finished. Then right-click 

SQL Server (SQLEXPRESS)

 and select 

Start

. Do the same with SQL Server 

browser.

Finally, close the Configuration Manager and verify that everything is 

working properly by opening a command prompt and running 

netstat -ano 

|find "1433"

 and 

netstat -ano |find "1434"

. Your IP addresses configured earlier 

should be listening on TCP port 1433 and UDP port 1434, as shown here:

Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Administrator>

netstat -ano |find "1433"

   TCP      127.0.0.1:1433          0.0.0.0:0   LISTENING   512
   TCP      192.168.1.155:1433      0.0.0.0:0   LISTENING   512
C:\Documents and Settings\Administrator>

netstat -ano |find "1434"

   UDP      0.0.0:1434        *:*
C:\Documents and Settings\Administrator>