sa password been reset and BUILTIN/Administrator has been removed from sysadmin group
Posted on 2003-03-21
A SQL SERVER 7 machine on my network was used and abused by a user, who reset the sa password and removed the NT/Administrator user from the SQL server sysadmins group, rendering it inaccessable to any sysadmins.
How can I get sysadmin privileges back on the sql server?
I have tried,
1) starting it in single user mode and trying to connect to it. (i think there is some scope for more investigation here, but im not sure what to try)
2) trying to connect to it using NT privileges.
3) a brute force sa password hack - but this was only check 5 passwords a second, and would have taken many years to get to 8 chars
I can stop the service and copy the mdf and ldf files to another machine and restore them, but then I'm going to end up with the same problem on another machine.
Is there any way I can extract or reset the sa password to blank using a utility?