How BESAdmin and other services connect to the db is based on your ODBC definition. Check in ODBC Admin (odbcad32.exe) how the bes_bfenterprise System DSN is configured. If you want to use NT Authentication to connect as the user running the services/BESAdmin, then configure the DSN as such. Right now it is configured to use SQL authentication, so BESAdmin will prompt you to login as ‘sa’ and the other BES services will expect SQL credentials to be stored in the registry.