The Windows NT user account, SQLExecutiveCmdExec, permits running CmdExec tasks that are owned by users other than system administrators (SAs). This means that all users can execute CmdExec tasks in the security context that is provided by the SQLExecutiveCmdExec account.
The SQLExecutiveCmdExec account is added by the SQL Server setup program when SQL Server is installed. By controlling the rights, permissions, and group memberships of the SQLExecutiveCmdExec account, Windows NT administrators can control the operating system privileges of tasks that are owned by users other than SAs. To configure the rights, permissions, and group memberships of the SQLExecutiveCmdExec account, use the User Manager application from the Administrative Tools program group under Program Manager.
By default, the SQLExecutiveCmdExec account is a member of the Users local group on the server. CmdExec tasks that are owned by SAs run in the security context of the user account that is assigned to SQL Executive. Generally, the assigned user account belongs to the Administrators local group on the server.