I'd like to be able to turn on IFI http://bit.ly/1dK32Dc on a new or existing Windows Server box with SQL Server, via T-SQL or Powershell. Don't want to go through the "Local Security > Local Policies > User Rights Assignment > Perform volume maintenance tasks > Add user" route – need to deploy new machines through a script, no manual interaction. Assume the SQL Server service account doesn't change.
For new installs, when I choose the account, I'm able to run the below Powershell script and it solves the problem:
$sqlaccount = "domain\account"
# https://technet.microsoft.com/en-gb/library/bb490997.aspx
secedit /export /cfg C:\secexport.txt /areas USER_RIGHTS
$line = Get-Content C:\secexport.txt | Select-String 'SeManageVolumePrivilege'
(Get-Content C:\secexport.txt).Replace($line,"$line,$sqlaccount") | Out-File C:\secimport.txt
secedit /configure /db secedit.sdb /cfg C:\secimport.txt /overwrite /areas USER_RIGHTS
However, for existing SQL installs, can't figure a way to query the configured SQL Server service account – and feed it to this script. Looking for a solution with WS 2012 R2 in mind, but something that would also work on WS 2003 R2 would be best (supports up to Powershell 2 if I'm not mistaken ?).
Best Answer
(Get-WmiObject win32_service | where { $_.displayname -eq "SQL Server"} ).startnameReplace the name with the displayname of your SQL server service