By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
431,795 Members | 1,216 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 431,795 IT Pros & Developers. It's quick & easy.

Changing lost SA password

P: n/a
I just started a new job and no one seems to know the SA password.
Here's my plan to change it:

1. I've run a trace for a couple of days to verify that there are no
jobs or processes that are connecting as SA and that would break if I
changed the password.

2. Before the changing the password I am going to bulk copy out the
sysxlogins row for SA so that if things go wrong I can reinset the old
data with the old unknown password (will that work?).

3. Log on to the console as Windows administrator and changing the SA
password.

Does that make sense? Anyone have any other suggestions?

Thanks.

Jul 23 '05 #1
Share this Question
Share on Google+
1 Reply


P: n/a

<pa************@hotmail.com> wrote in message
news:11**********************@l41g2000cwc.googlegr oups.com...
I just started a new job and no one seems to know the SA password.
Here's my plan to change it:

1. I've run a trace for a couple of days to verify that there are no
jobs or processes that are connecting as SA and that would break if I
changed the password.

2. Before the changing the password I am going to bulk copy out the
sysxlogins row for SA so that if things go wrong I can reinset the old
data with the old unknown password (will that work?).

3. Log on to the console as Windows administrator and changing the SA
password.

Does that make sense? Anyone have any other suggestions?

Thanks.


Assuming you've tested that the Windows Administrator account does have
sysadmin rights in MSSQL (it does by default), then you'll be able to change
the password with no problems - the only issue would be an application or
script that has the old password coded into it. But at least if something
does stop working, you know you've found a security issue which should be
fixed urgently.

As for going back to the old password, modifying data in system tables
directly is usually a bad idea and not supported by Microsoft (see "allow
updates Option" in Books Online), so if you update sysxlogins directly and
things go wrong, you'll probably have to restore master from a backup. But
it would almost certainly be better to fix whatever is using the old
password rather than messing with sysxlogins. If possible, I would set a
very strong sa password, change the server from mixed mode to Windows
authentication only, and forget about the sa login, but I appreciate that
that isn't always an option.

Simon
Jul 23 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.