need to get SA password

sql 2005
no studio installed and I can't install it at this time.
I need to either reset the sa password or figure out the current one
either will do
2008 r2
jamesmetcalf74Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
ktaczalaConnect With a Mentor Commented:
management studio can be installed on any workstation, it doesn't have to be installed on the server.  however the sql browser service must be running on the server for studio to see the instances.  log in to a workstation with the domain administrator login then run studio, open the instance with windows authentication.  then you should be able to change the sa password.
0
 
Kyle AbrahamsConnect With a Mentor Senior .Net DeveloperCommented:
without managment studio you're not going  to be able to reset it.  The only thing you could do is to try a brute force or check well known passwords.  Lastly ask another developer / DBA who may know.  

There's no way to discover the password, or SQL would be pretty weak.
0
 
PadawanDBAConnect With a Mentor Operational DBACommented:
Eeeeh...  Not entirely accurate. As with most things with physical access, where there's a will there's a way.  I am having trouble locating the exact guide I used for it (which walks you through it step by step), but you'll need to bring the service down and start it back up in single user mode, connect (probably going to be via sqlcmd in your case) and reset the password accordingly (or create a new login with sysadmin privileges and use that).

http://msdn.microsoft.com/en-us/library/dd207004.aspx
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
Anthony PerkinsCommented:
No need for SSMS or SQL Browser (unless you are running a SQL Server named instance), you can reset it from the DOS command line using SQLCmd and a single System Stored Procedure, provided you have a login that belongs to the sysadmin role.  If you don't it gets more complicated.
0
 
Kyle AbrahamsSenior .Net DeveloperCommented:
Alright,  I stand corrected.  Good to know that you can create users as long as you have access to the sql box.  Pretty weak security IMO.
0
 
PadawanDBAConnect With a Mentor Operational DBACommented:
Security always starts with physical access.  You can also argue that it's weak security to not encrypt your drives with bitlocker or comparable since you can just mount them in a linux distro and have unfettered access to all the data on the drives, but the question still remains as to why the heck they had access to stick that usb drive into the server =)  Moral of my story is merely that security has to be implemented everywhere or it is nowhere (just to drive home the more holistic view of security you just made)
0
 
Anthony PerkinsConnect With a Mentor Commented:
Good to know that you can create users as long as you have access to the sql box.
I am not sure what you mean by "access to the sql box".  You can execute SQLCmd from any workstation, you do not have to be logged on the server that houses SQL Server.

Pretty weak security IMO.
Why would you say that?  Why is using SQLCmd make it qualify for "weak security" in comparison to using SSMS (your suggestion)?
0
 
Kyle AbrahamsSenior .Net DeveloperCommented:
Why would you say that?  Why is using SQLCmd make it qualify for "weak security" in comparison to using SSMS (your suggestion)?
I'm not saying sqlCmd is weak security.  The fact that you can create a sys_admin role account without being an authorized user to me is weak security.  I agree that physical access is always a security concern, but I wouldn't imagine for one to have a backdoor like that.   Sure you could always just rip the MDF and LDF files to a new instance, but that would require more resources (of having another SQL server installed somewhere).  

Real world example:  
A server admin being able to login to a sql server to retrieve sensitive company data.  In a larger firm where you have dedicated roles, a nefarious admin could run this while doing other routine maintenance (windows patches for instance).  


I would have the ability to get at the data would be more difficult.  Just my two cents.
0
 
Anthony PerkinsCommented:
The fact that you can create a sys_admin role account without being an authorized user to me is weak security.
I don't think anyone said that.  In fact I specifically stated:  you can reset it from the DOS command line using SQLCmd and a single System Stored Procedure, provided you have a login that belongs to the sysadmin role.
0
 
Kyle AbrahamsSenior .Net DeveloperCommented:
I refer you to:
http://www.experts-exchange.com/Microsoft/Development/MS-SQL-Server/SQL-Server-2005/Q_28327754.html#a39747023

it's possible to create a sys admin account without logging in as a sys admin yourself.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.