Hi,

I have set up an Active Directory, Certificate Services on Windows 2003
Server. I am running SQL 2000 Server. AD and Certificate Services were
installed correctly.

My goal is to be able to use SSL when connecting to SQL Server via Query
Analyzer. I also want to keep the SQL Server installation under a "Domain
User" account with as little privileges as possible.

My problem is that SQL Server will not start when "Domain User" is only a
"member of" "Users" group. It starts when I make "Domain User" a "member of"
"Administrators". It seems that the SSL "forced encryption" will only work
with "Administrator" privileges which is the total access to control the
server, and this is not safe.

Does it mean that SSL "forced encryption" will only work under a "Domain
User" that is a "member" of "Administrators"? Is there another "Group" with
limited privileges that I could assign the "Domain User" to?

How else could I have the SSL work and SQL server installation in a "Domain
User" account?

Thank you for your help.