Solved

need to get SA password

Posted on 2013-12-30
10
218 Views
Last Modified: 2014-01-16
sql 2005
no studio installed and I can't install it at this time.
I need to either reset the sa password or figure out the current one
either will do
2008 r2
0
Comment
Question by:jamesmetcalf74
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 39

Assisted Solution

by:Kyle Abrahams
Kyle Abrahams earned 100 total points
Comment Utility
without managment studio you're not going  to be able to reset it.  The only thing you could do is to try a brute force or check well known passwords.  Lastly ask another developer / DBA who may know.  

There's no way to discover the password, or SQL would be pretty weak.
0
 
LVL 10

Assisted Solution

by:PadawanDBA
PadawanDBA earned 200 total points
Comment Utility
Eeeeh...  Not entirely accurate. As with most things with physical access, where there's a will there's a way.  I am having trouble locating the exact guide I used for it (which walks you through it step by step), but you'll need to bring the service down and start it back up in single user mode, connect (probably going to be via sqlcmd in your case) and reset the password accordingly (or create a new login with sysadmin privileges and use that).

http://msdn.microsoft.com/en-us/library/dd207004.aspx
0
 
LVL 12

Accepted Solution

by:
ktaczala earned 100 total points
Comment Utility
management studio can be installed on any workstation, it doesn't have to be installed on the server.  however the sql browser service must be running on the server for studio to see the instances.  log in to a workstation with the domain administrator login then run studio, open the instance with windows authentication.  then you should be able to change the sa password.
0
 
LVL 75

Expert Comment

by:Anthony Perkins
Comment Utility
No need for SSMS or SQL Browser (unless you are running a SQL Server named instance), you can reset it from the DOS command line using SQLCmd and a single System Stored Procedure, provided you have a login that belongs to the sysadmin role.  If you don't it gets more complicated.
0
 
LVL 39

Expert Comment

by:Kyle Abrahams
Comment Utility
Alright,  I stand corrected.  Good to know that you can create users as long as you have access to the sql box.  Pretty weak security IMO.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 10

Assisted Solution

by:PadawanDBA
PadawanDBA earned 200 total points
Comment Utility
Security always starts with physical access.  You can also argue that it's weak security to not encrypt your drives with bitlocker or comparable since you can just mount them in a linux distro and have unfettered access to all the data on the drives, but the question still remains as to why the heck they had access to stick that usb drive into the server =)  Moral of my story is merely that security has to be implemented everywhere or it is nowhere (just to drive home the more holistic view of security you just made)
0
 
LVL 75

Assisted Solution

by:Anthony Perkins
Anthony Perkins earned 100 total points
Comment Utility
Good to know that you can create users as long as you have access to the sql box.
I am not sure what you mean by "access to the sql box".  You can execute SQLCmd from any workstation, you do not have to be logged on the server that houses SQL Server.

Pretty weak security IMO.
Why would you say that?  Why is using SQLCmd make it qualify for "weak security" in comparison to using SSMS (your suggestion)?
0
 
LVL 39

Expert Comment

by:Kyle Abrahams
Comment Utility
Why would you say that?  Why is using SQLCmd make it qualify for "weak security" in comparison to using SSMS (your suggestion)?
I'm not saying sqlCmd is weak security.  The fact that you can create a sys_admin role account without being an authorized user to me is weak security.  I agree that physical access is always a security concern, but I wouldn't imagine for one to have a backdoor like that.   Sure you could always just rip the MDF and LDF files to a new instance, but that would require more resources (of having another SQL server installed somewhere).  

Real world example:  
A server admin being able to login to a sql server to retrieve sensitive company data.  In a larger firm where you have dedicated roles, a nefarious admin could run this while doing other routine maintenance (windows patches for instance).  


I would have the ability to get at the data would be more difficult.  Just my two cents.
0
 
LVL 75

Expert Comment

by:Anthony Perkins
Comment Utility
The fact that you can create a sys_admin role account without being an authorized user to me is weak security.
I don't think anyone said that.  In fact I specifically stated:  you can reset it from the DOS command line using SQLCmd and a single System Stored Procedure, provided you have a login that belongs to the sysadmin role.
0
 
LVL 39

Expert Comment

by:Kyle Abrahams
Comment Utility
I refer you to:
http://www.experts-exchange.com/Microsoft/Development/MS-SQL-Server/SQL-Server-2005/Q_28327754.html#a39747023

it's possible to create a sys admin account without logging in as a sys admin yourself.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Recently, when I was asked to create a new SQL 2005 cluster, Microsoft released a new service pack for MS SQL 2005 what is Service Pack 3. When I finished the installation of MS SQL 2005 I found myself troubled why the installation of SP3 failed …
I am showing a way to read/import the excel data in table using SQL server 2005... Suppose there is an Excel file "Book1" at location "C:\temp" with column "First Name" and "Last Name". Now to import this Excel data into the table, we will use…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now