?
Solved

What's the process to change the service account (domain) password in sql server 2008?

Posted on 2012-03-19
14
Medium Priority
?
443 Views
Last Modified: 2012-04-11
Hi there,
We have a domain account as a service account on our all SQL Server 2008 envs.  We need to change the password for ISO compliance... What the process to change it and what is/are the look out things we need to do before we change it? Thank you!
0
Comment
Question by:hpradhan08
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
14 Comments
 
LVL 20

Expert Comment

by:BuggyCoder
ID: 37741020
open service.msc, go to your sql service (SQLSERVER(InstanceName)) service.

Double click the service(Right click-->Properties)

Open in logon tab and change the password....
0
 
LVL 7

Expert Comment

by:abdulalikhan
ID: 37741169
After putting the new password in the service log on tab, restart the services. Check all the SQL services which are using this service account.
0
 
LVL 69

Expert Comment

by:Scott Pletcher
ID: 37742725
NO.

You NEVER change a SQL password thru Windows.

Change the password in AD.

For SQL 2008, use SQL Server Configuration Manager to change the password in SQL; the tool will automatically change the password in Windows also.

If you change the password from Windows, you will lose the automatic coordination of the passwords between SQL and Windows and have a mess on your hands to get it corrected :-( .
0
Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

 

Author Comment

by:hpradhan08
ID: 37745611
Hi Scott,
I read about that. Thank you for bringing that up. What if I use 'window's security and 'change password' there... Is there a consequences of that?  Thank you in advance for your prompt response.
0
 
LVL 69

Expert Comment

by:Scott Pletcher
ID: 37747474
Yeah, IIRC, I think there is, or certainly could be.  The two passwords can get out of sync.  In some cases you have to make registry changes by hand -- not fun.

You could try going into the SQL tool and making the same change ... not sure if it will correct everything or not.

Hopefully you will get lucky :-) .

But for future reference, you really should always use the SQL tool to change a SQL password, because that tool will automatically sync everything up the way it needs to be for the changed pwd.
0
 

Author Comment

by:hpradhan08
ID: 37748410
I don't believe on luck, man. That's why I'm asking you the proper way to change it.

Also, it's domain account. So, I need to change it going to Window's Security  and change a password, right? Please confirm.
0
 
LVL 69

Expert Comment

by:Scott Pletcher
ID: 37748449
No, I don't think so.

You use AD tool to change the domain account password (sorry, not an AD person, don't know any more details on that).

Then you use SQL tools to change the password for SQL, which automatically changes the related Windows logins as required.

AFAIK, you never have to use the native Windows Services panel to change passwords for accounts used to run SQL.  The SQL Mgmt tool makes the necessary Windows changes for you, while also making the changes needed for SQL itself (registry, etc.).
0
 

Author Comment

by:hpradhan08
ID: 37763651
Hi Scott,
I got the SQL tool to change the password for SQL. The good news is we're not using this account on running SQL Service account. We've used some other domain account... So, we just used this domain account to install the sql server and later on we changed it  to different account...

 Thank you so much for bringing up the AD tool to change the domain account password. May I ask you or anybody who know this AD tool and how I get it/ use it to change the domain account?  Thank you in advance for your help.
0
 
LVL 69

Expert Comment

by:Scott Pletcher
ID: 37766098
Sorry.  That will have to be someone else.  I am not an AD admin, I just work with them :-) .

I understand what I need to know about AD from a DBA standpoint, but that's about it.  I don't maintain AD or use it myself to change pwds -- I always worked with a separate AD admin people who used the AD tools themselves.
0
 

Author Comment

by:hpradhan08
ID: 37769201
Thank you, Scott for your input.

I'm calling out the AD Admin out there... I told our SysAdmin  about the AD tool to change the domain account password. He is asking me the tool name... Could you please provide me that?
0
 
LVL 69

Expert Comment

by:Scott Pletcher
ID: 37771393
Sorry, as I said, I truly don't know.  

I'm only going by what AD admins told me.  They have some way they can reset passwords for Windows / domain accounts.  C'mon, it only makes sense.  Don't know why your sysadmin is pretending not to know how to change the pwd on an acct.
0
 

Author Comment

by:hpradhan08
ID: 37796766
Scott,
Yes, he is pretending or he truly doesn’t know...Anyway, I worry about my part. This domain account 'abc' is running our show literally; it owns all the DBs; and jobs. But the services are running under different domain account/s. So, once the domain account's password changed on the domain level, I just need to change the password using SQL Tool (configuration manager) and it'll be fine. What happens between the password changed on the domain level and password changed on SQL Server level? Don't SQL Server going to freak out in between that time?
0
 
LVL 69

Accepted Solution

by:
Scott Pletcher earned 2000 total points
ID: 37798201
No.  For internal/core processes, it continues to use existing control info until/unless SQL Server is re-started.

That is, core internal control structures have already been created using the existing login info, and in general SQL can continue using those.

However, any new requests that require login validation won't work, of course.  So it's best to change it on the SQL side as soon as you can.

But it has to be changed on the Windows/domain side first, naturally, since otherwise the SQL tool won't be able to verify the new password for that login.
0
 

Author Closing Comment

by:hpradhan08
ID: 37833296
Thank you, Scott. I appreciate your input.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
Ever wondered why sometimes your SQL Server is slow or unresponsive with connections spiking up but by the time you go in, all is well? The following article will show you how to install and configure a SQL job that will send you email alerts includ…
Using examples as well as descriptions, and references to Books Online, show the documentation available for date manipulation functions and by using a select few of these functions, show how date based data can be manipulated with these functions.
Via a live example combined with referencing Books Online, show some of the information that can be extracted from the Catalog Views in SQL Server.
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question