Solved

Is there a way to add an administrator level user via a dos command prompt?

Posted on 2007-12-03
4
776 Views
Last Modified: 2012-06-27
i have a client whose system was apperently hacked.  one of the things that was done was that the sa user in msde had their password changed. now our odbc connections that relied on sql authentication will not work.  is there a way to add or change a administrator password and then delete and readd the sa without having the current sa password.

tia.
0
Comment
Question by:CASorter
  • 2
4 Comments
 
LVL 25

Expert Comment

by:jogos
ID: 20400086
every action for which a sql-command exists can be done from a command file. But no surprise propper credentials are needed. Without propper credentials it's called hacking and not many people want techniques to do that spread on a forum.

But the database is hacked.  Even when you can recover your sa-user will you ever be sure there are no other 'hidden' modifications that could be awkward: account numbers, prices, addresses,....
Backups can serve for that purpose.
0
 
LVL 30

Expert Comment

by:nmcdermaid
ID: 20400305
By default, if you log on to the server as a local or domain administrator, you can then log into the SQL Server in 'trusted' mode, and it will let you in.
0
 

Author Comment

by:CASorter
ID: 20415668
i dont have a sql enterprise interface...   just msde

so how do i connect and know i connect via a command prompt?

once i "get in"   can i create a new admin level user, delete the original sa and either create a new sa with a new password or just use the new admin user?

would a restore of a backup clear out users?
0
 
LVL 30

Accepted Solution

by:
nmcdermaid earned 500 total points
ID: 20415850
Two options to log in:

Hard option: use ISQL, a command line interface (unless you like that kind of thing)
Easy option: Download Management Studio Express from Microsft, which is free, and use that.


>> once i "get in"   can i create a new admin level user, delete the original sa and either create a new sa with a new password or just use the new admin user?

You can change the authentication to be windows only, this disables all SQL logins (like sa) but you'll need to change your application to use windows authentication.

Alternatively you can just change the sa password

You need to consider now whether you want to use ONLY windows security. This will stop someone guessing your sa password and messing it up, but this may not suit your application architecture.

One big advantage of windows authentication is that the user doesn't have to remember another password. It just logs in directly.



>> the sa user in msde had their password changed. now our odbc connections that relied on sql authentication will not work

Are you saying that your ODBC logins used sa to log in? Thats a bit of a no-no.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Join & Write a Comment

Introduced in Microsoft SQL Server 2005, the Copy Database Wizard (http://msdn.microsoft.com/en-us/library/ms188664.aspx) is useful in copying databases and associated objects between SQL instances; therefore, it is a good migration and upgrade tool…
Ever wondered why sometimes your SQL Server is slow or unresponsive with connections spiking up but by the time you go in, all is well? The following article will show you how to install and configure a SQL job that will send you email alerts includ…
This video shows, step by step, how to configure Oracle Heterogeneous Services via the Generic Gateway Agent in order to make a connection from an Oracle session and access a remote SQL Server database table.
Via a live example, show how to set up a backup for SQL Server using a Maintenance Plan and how to schedule the job into SQL Server Agent.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now