Solved

domain admin sysadmin

Posted on 2013-06-04
3
395 Views
Last Modified: 2013-06-20
By default in sql 2005 or 2008 is the ad domain admins group automatically a sysadmin sql account? Or not neccesarily? Reason I ask is we queried sys.syslogins and the password field is just showing as a load of boxes when I though they'd be the encrypted hashes for sql auth accts. I wondered if this is perhaps a security mechanism? To stop non sysadmins exporting the hashesIs it?
0
Comment
Question by:pma111
  • 2
3 Comments
 
LVL 39

Accepted Solution

by:
lcohan earned 500 total points
ID: 39219305
"By default in sql 2005 or 2008 is the ad domain admins group automatically a sysadmin sql "

As far as I'm aware - the answer is No, however they can add themselfs as they have enough authority to do it.

You could actually script and transfer logins from SQL to SQL hashed by using: "How to transfer logins and passwords between instances of SQL Server"

http://support.microsoft.com/kb/918992


Hopefully this clears somewhat your second question/concern.
0
 
LVL 3

Author Comment

by:pma111
ID: 39219321
Not really I wondered if its not showing the hash in the password column as the user is not a sysadmin ?
0
 
LVL 39

Expert Comment

by:lcohan
ID: 39219428
I suggest you take the direct approach and query the SQL sysadmin server role instead:

SELECT      Sid,
            name,
            IS_SRVROLEMEMBER('sysadmin', name)      AS      IsSysAdmin
FROM      sys.server_principals
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question