SQL Security Breach

we have 4 sql servers running in mixed authentication mode

it appears someone that no longer works with us has changed the SA password

I still have access to the master database using the domain admin account with windows authentication

We need to regain control of the sa account.

cannot use sa_passwrd procedure as we dont know the current sa password

and sa_changedbowner procedure says we can not chage the owner of the master database.

does anyone have any method of getting the SA password or changing it when it is not known.


SQL 2000
Windows 2000 Server
NT4 Domain Controllers.
LVL 2
RaybansTechnical ManagerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

bbaoIT ConsultantCommented:
can you get into sql server enterprise manager, with integrated windows authentication? if you do, just go there to change the security mode to system, change the password by right clicking the server icon then choose the corresponding task.

hope it helps,
bbao
bbaoIT ConsultantCommented:
just run my sql2k and got into the enterprise manager, let me give you much specific instructions: choose MS SQL Servers/SQL Server Group/computername/Security/Login from the left pane, right click the user "sa" at the right pane, choose Properties, change the password there, retype it again. thanks ok.
RaybansTechnical ManagerAuthor Commented:
where do you change the security mode to system??

(sorry for being a little slow, SQL is not usually my area, but trust from the boss is)
IT Pros Agree: AI and Machine Learning Key

We’d all like to think our company’s data is well protected, but when you ask IT professionals they admit the data probably is not as safe as it could be.

bbaoIT ConsultantCommented:
ok, right click MS SQL Servers/SQL Server Group/computername, choose Properties, then choose Security tab, it is there. btw, have you changed sa's password? if so, just keep current security mode if you like.
RaybansTechnical ManagerAuthor Commented:
I can not change the SA password which is what I am trying to do.

when you describe security mode as system

are you talking about windows only, as I can not see any reference to system
bbaoIT ConsultantCommented:
1. odd, i just changed my sa before my 2nd post, to make sure what i posted is correct. just tell me what the enterprise manager (with MMC) said for it.
2. sorry for confusion. yes, it should be "widnows only".
RaybansTechnical ManagerAuthor Commented:
still wouldnt let us do that

although what you said worked on the test box the production box would not let us.

but the anwer was since we had access using the domain account from windows to run the sp_password and reset the SA account that way

thanks for your help anyway.
RaybansTechnical ManagerAuthor Commented:
(( I want to award you 150 points still for helping so quick even though the answer was one we had already tried and was not the solution, how do I do that??? ))
bbaoIT ConsultantCommented:
nice to hear it. just recommend you save SA's password safely and create a backup DB administrator with same rights as SA.
bbaoIT ConsultantCommented:
you mean you want to award me 500 points with additional 150 bonus to me? :-)) if so, thanks in advance. you may just new a 150 points question and fill the subject as "dedicated for bbao", i think.
RaybansTechnical ManagerAuthor Commented:
ShogunWadeCommented:
Just for reference in the worst case senario if the sa pwd is not known and domain admins have been demoted, etc.   with the SQL install disk you can rebuild the master db which will allow you to reset the sa pwd.
RaybansTechnical ManagerAuthor Commented:
thanks ShogunWade, good to know
bbaoIT ConsultantCommented:
ShogunWade, "SQL install disk"? you mean its CD-ROM? to build master db, i have to insert its original CD? didnt hear that before....
ShogunWadeCommented:
welcome.
ShogunWadeCommented:
bbao,   there are other ways of doing it of course, but it makes it easier from the CD cos it gives you a nice wizard.   its the Mr Lazy way of doing it which is why i like it.
bbaoIT ConsultantCommented:
o? just noticed what Raybans meant for those "bonus", hehe. if so, i reject to accept such a way to be awarded points except it was real bonus. there is no such an EE policy that allows asker to decrease points after the quesion solved. anyway, the asker can decide the grade according to his/her satisfaction.

i would assume that Raybans might use such a way to save some points, but i dont think it is a right way to reduce asker's cost. i think you pay such a high points for this problem is for its emergency, and this question has been reponsed quick and solved quickly. so i dont think Raybans' point could be refund.

regards,
bbao

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
RaybansTechnical ManagerAuthor Commented:
I have unlimited points, that was not the issue

your answer did not actually solve the problem and the problem was solved in house.
So points accourding to the rules should be "refunded"

but I did think your assistance deserved recognition, even if the answer was going in a different direction to the solution.

I have no need to save points, as I have paid in full for my account here, which gives me unlimited points to give out for questions.

Sorry if my method or reasoning is incorrect, I would be happy to get a commment on the way I have tried to handle the award of points in this case.

bbaoIT ConsultantCommented:
ShogunWade, thansk for your idea, i will try it next time.

Raybans, i just did read your comments in two questions, and have understood what and why you did, it was reasonable from your viewpoint, although i did not think some steps were proper enough. you know, it is valuable to make question as PAQ for other people who has similar problem. thanks for your points and grade.

Netminder, thanks for your help and effort. i think it would be better if EE could give formal policy or suggestion to deal with such situation. you know, personally, i dont think it is very good to reduce points after experts involved or conclusion made.

enjoy EE,
bbao
bbaoIT ConsultantCommented:
Netminder, nice to see your reply so quickly. ok, agreed with you, that's EE's unique style even culture. we guys enjoy EE and the way to solve problems...
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft SQL Server

From novice to tech pro — start learning today.