I've seen this question asked several times on this list and after wondering
about it for quite a while, finally came across info on it...
It happens when the following criteria are met:
1. SQL Server is set up for "Integrated Security" or "Mixed Security".
2. The user is logged into an NT-managed domain.
3. The user is an NT administrator on the NT domain.
Do any of the following require SQL Server's "Integrated Security" to
function correctly/optimally together?:
Emerald 2.1.11 (or later)
RadiusNT 2.5.124 (or later)
ServU FTP 2.3c (or later) using emer_su.dll 4.4.1.1
OR, is there a way of preventing SQL Server from associating "sa" with an
NT-administrative account (aside from removing that account from the NT
Administrators group) while using Integrated/Mixed security?