Solved

need to get SA password

Posted on 2013-12-30
10
232 Views
Last Modified: 2014-01-16
sql 2005
no studio installed and I can't install it at this time.
I need to either reset the sa password or figure out the current one
either will do
2008 r2
0
Comment
Question by:jamesmetcalf74
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 40

Assisted Solution

by:Kyle Abrahams
Kyle Abrahams earned 100 total points
ID: 39746785
without managment studio you're not going  to be able to reset it.  The only thing you could do is to try a brute force or check well known passwords.  Lastly ask another developer / DBA who may know.  

There's no way to discover the password, or SQL would be pretty weak.
0
 
LVL 10

Assisted Solution

by:PadawanDBA
PadawanDBA earned 200 total points
ID: 39747023
Eeeeh...  Not entirely accurate. As with most things with physical access, where there's a will there's a way.  I am having trouble locating the exact guide I used for it (which walks you through it step by step), but you'll need to bring the service down and start it back up in single user mode, connect (probably going to be via sqlcmd in your case) and reset the password accordingly (or create a new login with sysadmin privileges and use that).

http://msdn.microsoft.com/en-us/library/dd207004.aspx
0
 
LVL 12

Accepted Solution

by:
ktaczala earned 100 total points
ID: 39747443
management studio can be installed on any workstation, it doesn't have to be installed on the server.  however the sql browser service must be running on the server for studio to see the instances.  log in to a workstation with the domain administrator login then run studio, open the instance with windows authentication.  then you should be able to change the sa password.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 39747482
No need for SSMS or SQL Browser (unless you are running a SQL Server named instance), you can reset it from the DOS command line using SQLCmd and a single System Stored Procedure, provided you have a login that belongs to the sysadmin role.  If you don't it gets more complicated.
0
 
LVL 40

Expert Comment

by:Kyle Abrahams
ID: 39748336
Alright,  I stand corrected.  Good to know that you can create users as long as you have access to the sql box.  Pretty weak security IMO.
0
 
LVL 10

Assisted Solution

by:PadawanDBA
PadawanDBA earned 200 total points
ID: 39748577
Security always starts with physical access.  You can also argue that it's weak security to not encrypt your drives with bitlocker or comparable since you can just mount them in a linux distro and have unfettered access to all the data on the drives, but the question still remains as to why the heck they had access to stick that usb drive into the server =)  Moral of my story is merely that security has to be implemented everywhere or it is nowhere (just to drive home the more holistic view of security you just made)
0
 
LVL 75

Assisted Solution

by:Anthony Perkins
Anthony Perkins earned 100 total points
ID: 39749226
Good to know that you can create users as long as you have access to the sql box.
I am not sure what you mean by "access to the sql box".  You can execute SQLCmd from any workstation, you do not have to be logged on the server that houses SQL Server.

Pretty weak security IMO.
Why would you say that?  Why is using SQLCmd make it qualify for "weak security" in comparison to using SSMS (your suggestion)?
0
 
LVL 40

Expert Comment

by:Kyle Abrahams
ID: 39750658
Why would you say that?  Why is using SQLCmd make it qualify for "weak security" in comparison to using SSMS (your suggestion)?
I'm not saying sqlCmd is weak security.  The fact that you can create a sys_admin role account without being an authorized user to me is weak security.  I agree that physical access is always a security concern, but I wouldn't imagine for one to have a backdoor like that.   Sure you could always just rip the MDF and LDF files to a new instance, but that would require more resources (of having another SQL server installed somewhere).  

Real world example:  
A server admin being able to login to a sql server to retrieve sensitive company data.  In a larger firm where you have dedicated roles, a nefarious admin could run this while doing other routine maintenance (windows patches for instance).  


I would have the ability to get at the data would be more difficult.  Just my two cents.
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 39752921
The fact that you can create a sys_admin role account without being an authorized user to me is weak security.
I don't think anyone said that.  In fact I specifically stated:  you can reset it from the DOS command line using SQLCmd and a single System Stored Procedure, provided you have a login that belongs to the sysadmin role.
0
 
LVL 40

Expert Comment

by:Kyle Abrahams
ID: 39752992
I refer you to:
http://www.experts-exchange.com/Microsoft/Development/MS-SQL-Server/SQL-Server-2005/Q_28327754.html#a39747023

it's possible to create a sys admin account without logging in as a sys admin yourself.
0

Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are some very powerful Data Management Views (DMV's) introduced with SQL 2005. The two in particular that we are going to discuss are sys.dm_db_index_usage_stats and sys.dm_db_index_operational_stats.   Recently, I was involved in a discu…
Introduction: When running hybrid database environments, you often need to query some data from a remote db of any type, while being connected to your MS SQL Server database. Problems start when you try to combine that with some "user input" pass…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question