![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 13%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
SQL Server
A family of Microsoft relational database management and analysis systems for e-commerce, line-of-business, and data warehousing solutions.
12,808 questions
I'm not very good at AGs, but I can't but see that you need to fail over the database through all four nodes to make the change on both. SQL Server needs to update sys.databases.owner_sid in master on all four nodes. On the first change, the sys.database_principals.sid will be updated in the database, and this will be propagated to all secondaries, so you will get a SID mismatch between the database and master, which is a recipe for problems.
Now, the real reason I post is that I don't think you should make sa the owner. That is not good practice for security reasons. In my opinion, a database should be owned by an SQL login which exists solely to own that database, and which has no permissions whatsoever. It should also be disabled so that it cannot login.
To do this with your AG, you need to be a little careful. If you just run:
CREATE LOGIN MyDB$Owner WITH PASSWORD = 'randomstring'
the SID will be different on all four instances. So once you have created the login on the first server, pick up the SID from sys.server_principals.sid, and use the WITH SID option to explicitly set the SID when you create the login on the other instances.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 46%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)