Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Is there a way to add an administrator level user via a dos command prompt?

Posted on 2007-12-03
4
Medium Priority
?
826 Views
Last Modified: 2012-06-27
i have a client whose system was apperently hacked.  one of the things that was done was that the sa user in msde had their password changed. now our odbc connections that relied on sql authentication will not work.  is there a way to add or change a administrator password and then delete and readd the sa without having the current sa password.

tia.
0
Comment
Question by:CASorter
  • 2
4 Comments
 
LVL 25

Expert Comment

by:jogos
ID: 20400086
every action for which a sql-command exists can be done from a command file. But no surprise propper credentials are needed. Without propper credentials it's called hacking and not many people want techniques to do that spread on a forum.

But the database is hacked.  Even when you can recover your sa-user will you ever be sure there are no other 'hidden' modifications that could be awkward: account numbers, prices, addresses,....
Backups can serve for that purpose.
0
 
LVL 30

Expert Comment

by:nmcdermaid
ID: 20400305
By default, if you log on to the server as a local or domain administrator, you can then log into the SQL Server in 'trusted' mode, and it will let you in.
0
 

Author Comment

by:CASorter
ID: 20415668
i dont have a sql enterprise interface...   just msde

so how do i connect and know i connect via a command prompt?

once i "get in"   can i create a new admin level user, delete the original sa and either create a new sa with a new password or just use the new admin user?

would a restore of a backup clear out users?
0
 
LVL 30

Accepted Solution

by:
nmcdermaid earned 2000 total points
ID: 20415850
Two options to log in:

Hard option: use ISQL, a command line interface (unless you like that kind of thing)
Easy option: Download Management Studio Express from Microsft, which is free, and use that.


>> once i "get in"   can i create a new admin level user, delete the original sa and either create a new sa with a new password or just use the new admin user?

You can change the authentication to be windows only, this disables all SQL logins (like sa) but you'll need to change your application to use windows authentication.

Alternatively you can just change the sa password

You need to consider now whether you want to use ONLY windows security. This will stop someone guessing your sa password and messing it up, but this may not suit your application architecture.

One big advantage of windows authentication is that the user doesn't have to remember another password. It just logs in directly.



>> the sa user in msde had their password changed. now our odbc connections that relied on sql authentication will not work

Are you saying that your ODBC logins used sa to log in? Thats a bit of a no-no.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Why is this different from all of the other step by step guides?  Because I make a living as a DBA and not as a writer and I lived through this experience. Defining the name: When I talk to people they say different names on this subject stuff l…
Windocks is an independent port of Docker's open source to Windows.   This article introduces the use of SQL Server in containers, with integrated support of SQL Server database cloning.
Familiarize people with the process of retrieving data from SQL Server using an Access pass-thru query. Microsoft Access is a very powerful client/server development tool. One of the ways that you can retrieve data from a SQL Server is by using a pa…
Using examples as well as descriptions, and references to Books Online, show the different Recovery Models available in SQL Server and explain, as well as show how full, differential and transaction log backups are performed

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question