Is there an automatic way of changing the Domain user password getting used for running the SQL Server as a Domain user account? I'm taking about EM---Security----Domain User name and the password getting used for running the SQL Server?
View 1 RepliesMy SQL Server is running as a Domain user account and it asked me to enter the password for thr Domain user account when I was changing the Startup account from Local to Domain user.
My QUESTION here is:
Is there a way or command for me to change the password automatically on the Services account, if I change the password for the Domain User account/.
My SQL servers are using integrated windows nt security. Our user account is changing to a new domain. Is there an easy way to change the server logins to point to the new domain instead of removing the user and adding a new login from the new domain.
View 1 Replies View RelatedCan the user change their password in Enterprise Manager? When they follow the documentation, this does not seem to work
unless they are sa: (I know about sp_password....we are trying to find a GUI method for typical user.)
Expand a server group; then expand a server.
Expand Security; then click Logins.
In the details pane, right-click the login to modify, and then click Properties.
In Password, on the General tab, enter a new password.
Confirm the password.
Is there a way to prevent a particular user with SQL login from changing their password?
We have an application where we only want to prevent a certain user from changing their password but do not want to use windows authentication?
I tried to cahnge this account option to built in account option in SQL ( MSSQLSERVER) properties box. Then SQL Server was log on as Local system. But then I can not view my reports which i created. Now I changed it again to this account option. but I dont exaclty remember the password. Is there anyway I can get to know the password I created.
Thanks
Hi,
We have the followoing:
-A "master domain" AD, a "sub domain" AD, a trust relationship between the two (sub trust master)
-A sql server 2005 on a win server 2003 in "sub domain" AD
-A linked server to "sub domain" AD
-A linked server login using a "sub domain" admin acccount
-A view to this linked server
-A grant on masterDomain/Domain Users to the database
-A grant on subDomain/Domain Users to the database
-We want all connections done through "Windows Authentication" not "Database Authentication".
Queries on the view work fine using "sub domain" user accounts.
Queries on the view fail using "master domain" user accounts (including master domain admin accounts)
"Msg 7399, Level 16, State 1, Line 1
The OLE DB provider "ADsDSOObject" for linked server "ADSI" reported an error. The provider indicates that the user did not have the permission to perform the operation."
All connections are done through "Windows Authentication" not "Database Authentication".
Can we establish cross domain connectivity with "Windows Authentication" ?
Below are details of the implementation:
SELECT TOP (100) PERCENT *
FROM OPENQUERY(ADSI,
'SELECT displayname, givenName, sn, cn (etc...)
FROM ''LDAP://OU=PEOPLE,DC=subDomain,DC=com''
WHERE objectCategory = ''Person'' AND objectClass = ''user'' ')
EXEC sp_addlinkedsrvlogin @rmtsrvname ='ADSI', @useself='false',
@rmtuser='subDomainAdminAccnt', @rmtpassword='sunDomainAdminAccntPassword';
In SQL Server Mngt Studio in Server Objects/Linked Servers/Providers/ ADSI properties security tab I have:
"connections will: <be made using this security context> Remote login:'subDomainAdminAccnt' With password: 'subDomainAdminAccntPassword'
Error:
Msg 7399, Level 16, State 1, Line 1
The OLE DB provider "ADsDSOObject" for linked server "ADSI" reported an error. The provider indicates that the user did not have the permission to perform the operation.
Msg 7320, Level 16, State 2, Line 1
Cannot execute the query "SELECT displayname, givenName, sn, cn
FROM 'LDAP://OU=PEOPLE,DC=subDomain,DC=com'
WHERE
objectCategory = 'Person'
AND objectClass = 'user'
" against OLE DB provider "ADsDSOObject" for linked server "ADSI".
I have a root domain and child domain.
After using ADMT to migrate the domain user or group into the root domain, when I use enterprise manager to try and change the permissions allocated to that domain user/group, i get the 'Error 15401 NT user or Group not found'.
This is a correct error as the user is now in the root domain, however sql (in sysxlogins) still thinks its in the child domain.
Is there a simpler way, other than collecting the users permissions, deleting the user from SQL then adding back in with the correct domainusername format, then adding the permissions back?
I tried renaming the 'name' in sysxlogins (not recommended) and while that worked, whenever I tried to add the migrated user to another database, the login name was missing and would not resolve.
I believe it is something to do with the SID not matching.
Any ideas on how to fix this ?
Hi all,I've done some sniffing around but apart from one post in thisnewsgroup haven't been able to find much on this topic.We have recently moved (well, quite a while ago but that's by-the-by)from an NT domain to an AD domain. One of our SQL Servers is stilljoined to the NT domain and, since this domain is soon to bedecommissioned, I need to join this SQL Server to the AD domain.Is there anything I should be on the lookout for WRT this move?As far as I can see, the only thing this would cause an issue withwould be permissions for "logins" etc. This shouldn't be an issue asthe only logins on this SQL Server are either local or from WindowsAuthenticated from our AD domain.Any advice would be greatly appreciated.Many thanks,Ian
View 1 Replies View Relatedhi, I am not sure what happen. but I have lost the sql mail when I changed the from one user domain to another, any sugguestions on how to solve this issue
thanks for your help
Ahmed
Hello ppl
We have a Windows server that has 64-bit SQL installed on it. It is placed in 'abc' domain right now.
Now I have to get that changed to 'xyz' domain. I know that Windows people can take care of this, but my question is do we have to worry about the SQL Server that's already installed on that server? Will it have any affect on that?
Thanks
Satya
I know it's not possible, I've read the KBs. But I don't understand why not - from my testing, it looks like the only things that break are the domain groups to which the service logins are added. The service logins can be changed, as can the IPs, and SQL starts up just fine. The only problem is the domain groups.
I saw this KB:
http://support.microsoft.com/?kbid=910708
which says this:
After you install a SQL Server 2005 failover cluster, you can change the service accounts, but you cannot change the domain groups. If you want to use different domain groups, you must uninstall and then reinstall SQL Server 2005.
But it doesn't elaborate, it just says that the groups cannot be changed. Why not? That seems silly to me - it's not just a line in a config file somewhere? Can someone please give me a good reason why the groups cannot be changed?
Hi
We have a Windows server that has 64-bit SQL installed on it. It is placed in 'abc' domain right now.
Now I have to get that changed to 'xyz' domain. I know that Windows team can take care of this, but my question is do we have to worry about the SQL Server that's already installed on that server? Will it have any affect on that?
Thanks
Satya
Greetings,
I have been tasked with changing our local domian name from .com to .local. I want to make sure I understand the risks to SQL server 2000 when i make this change. We use SQL for Great Plains version 8, here is my simple plan:
1. Dis-join all workstations from .com domain
2. Make a full backup of all databases iin SQL server 2000 -- all databases use the SA account and not NT authentication
3. Dis-join SQL server
4. Change domain name
5. Re-join SQL server box and workstations
6. Launch Great Plains and go home happy!
I am having trouble identifying the risk to my plan and am wondering if:
1. SQL will launch under the new domain
2. Will the backup I made restore under the new domian
3. Will I experience authentication problems even though we use the SA account?
I am not a DB admin and am feeling a little unsure about this task any help on the risks or links to "how to" guides would be appreciated.
Robert
I am using the Management Sudio Express and after I changed my domain password, I lost all of my SQL Server registrations.
I remember this was an old problem with SQL 2000 until a SP fixed it.
Any ideas?
-- VPDJ
I`m running SQL 6.5 with standard security. We`re running NT 4.0. I am a member of the NT Admin group - which, of course, has sa privileges in SQL Server. I changed the sa password (via Enterpise Manager on my client machine); and it worked. I tested the password change by connecting to ISQL/w - both on my client machine and at the server machine.
However, when I attempted to connect to the server via Enterprise Manager (SEM) - on my client machine - my login attempt failed. But at the server machine, I connected just fine.
Somehow, even though we`re using standard security, I`m getting locked out of SEM because of the new password. Changing the sa password back to what it had been resolved the problem; but the old password was only meant to be temporary.
Any suggestions or explanations?
Is there a thread that says what should we be looking for if I change password for SA?
I am new to the org here and have to clamp down on the SA logins.
This is what comes to my mind:
1.Client apps:
====================
a.Hard coded into VB apps
b.File DSNs
c.System DSNs
2.Web app:
================
a.Hard coded into .asp and .aspx
b..inc files that have collective connection strings.
c.Possible use of file DSNs
d.Possibly use of system DSNs
3.Ad-hoc Queries by Users
===============================
4.Maintenance Plans and Jobs etc.
=======================================
a. DTS packages
b. Replication
Is there anything else that you can add to this list will be helpful.
Regards
Paresh
Regards
Paresh Motiwala
Boston, USA
Is there any strategy I should follow in order to change the SA password.Experts answers only. Thanks
=============================
http://www.sqlserverstudy.com
After I have changed the SA password and attempt to login I get the following error.
A connection was successfully established with the server, but then an error occurred during the login process. (provider:Shared Memory Provider, error: 0 - No process is on the other end of the pipe.) (Microsoft SQL Server, Error:233)
If I change the password back I can login without any problems. I need to change the SA password.
Thanks for any suggestions.
Hello all,
When I changed the SQL sa account password (it was blank) and then tried to connect to SMS remotely via SMS Administrator Console, I get Connection Failed. It seemed to work for a about 20 minutes and then I get "Connection Failed" when I try to run the console remotely. I used the SQL Enterprise Manager to change the sa password and then I used the SMS Administrator Console to set its SQL Server account to sa with the new password under Site Properties. When I switched it to a blank password in SQL and SMS, it started working again.
From the Application Event Log I seem to be getting a lot of these messages (even now - and it's working):
"The description for Event ID ( 1001 ) in Source ( SQLCTR70 ) could not be found. It contains the following insertion string(s): SQL Server not running."
I have also gotten: "The Open Procedure for service "NM" in DLL "nmperf.dll" failed. Performance data for this service will not be available. Status code returned is DWORD 0. "
I don't see any messages from SMS in Event Viewer.
What am I doing wrong?
TIA for you assistance.
Hi all,
I am using Administrator to log in the WinNT and I have just changed the password
of the Administrator. After that, I discover that I cannot use all function in the sql server.
Althougt the server is still running, I cannot open the database, login the security manager.
I have checked that the SQL Executive in NT service is assigned to local system account.
As you know, there is no place for inputting password. Where can I change the password
in order to let the function of sql server run again?
Thanks
I have SQL Server 2000 the Microsoft SQL Enterprise Mangaer version 8.0 and I don't know the password of sa account and I found this page where it shows how to change it and I tried it but it didnt work for me. Password didnt change
So what to do? Is there any way to see the current pw?
I am working with MSDE, but some how the password for sa keep changing by itself. I can reset it by logging in windows authentication mode using osql, but the next day the password does not work again.
Please give me some suggestions
Mik
A client of mine changed his SA password "because it hadn't been changed in a while". :mad: Now nobody can get into Enterprise Manager - opening EM or trying to right-click > Connect on the server yields an error:
A connection could not be established to SERVER1.
Reason: login failed for user 'sa'.
Please verify SQL Server is running and check your SQL Server Registration
properties (by right-clicking on the SERVER1 node) and try again.
Of course, if I right-click on the SERVER1 node, I get the same message.
My client remembers the password he set; I managed to use it to get into Query Analyzer, which I thouhght was weird. But no luck with Enterprise Manager. It's just trying to log in as sa without prompting for a pw.
I already tried running sp_Password in Query Analyzer to change the pw back to what it was. Still can't connect to the SQL Server via Enterprise Manager.
What can I do?
Hi,
I know this seems odd but is there any way to change the guest's password?
I know this is paradoxical regarding the nature of guest user but if there is any way please clarify me!
-Thanks
I just started a new job and no one seems to know the SA password.Here's my plan to change it:1. I've run a trace for a couple of days to verify that there are nojobs or processes that are connecting as SA and that would break if Ichanged the password.2. Before the changing the password I am going to bulk copy out thesysxlogins row for SA so that if things go wrong I can reinset the olddata with the old unknown password (will that work?).3. Log on to the console as Windows administrator and changing the SApassword.Does that make sense? Anyone have any other suggestions?Thanks.
View 1 Replies View RelatedMy goal is to write a DR plan where i am restoring all user databases onto a diffrent server in a event of hardware failure. I was trying to figure out a way to extract DDL of user accounts and their permissions on all user databases so i can simplify my DR documentation.
This is the plan I came up with...to restore all system and user dbs on a different Physical SQLServer.
1. build named instance $PROD
2. restore master database
- startup sqlserver in single user mode -m or DAC sqlcmd -S ServerName -U sa -P<xxx> –A
net stop MSSQLSERVER$PROD
net start MSSQLSERVER$PROD -m
- restore database master from disk e:master.bak with replace;
3. start sqlserver normally
4. stop SQLServer agent
5. restore msdb
-restore database msdb disk e:msdb.bak with replace;
6. restart SQLServer
7. Restore User Databases.
8. Run Sp_change_users_login for all users
-Sp_Change_users_logins 'auto_fix','username'
that sounds obvious but I'm stuck...
I have an ASP.net application which someone else started and I continue.
on the SQL server there was a user X which was used to access the database from the ASP website.
I accidently changed the password in the SQL server and now I cant restore the prior settings
(trying to reset password to blank or embedding the username and password in the connection string didnt work).
it stops on "connection.open" with - "SQLException Login failed for user 'X'"
any ideas why that happens and how I can fix it?
thanks
How do you change the SA password in SQL Server 2005?
Thanks.
Doug
We are currently using continuous transactional replication from an OLTP type database to a Reporting database. We recently changed the 'sa' password for the first time since replication was introduced and now the Replication Log Reader job fails to start.
This is the error from the Job Log:
Message
2008-04-14 15:18:24.894 Copyright (c) 2005 Microsoft Corporation
2008-04-14 15:18:24.894 Microsoft SQL Server Replication Agent: logread
2008-04-14 15:18:24.894
2008-04-14 15:18:24.894 The timestamps prepended to the output lines are expressed in terms of UTC time.
2008-04-14 15:18:24.894 User-specified agent parameter values:
-Publisher OASV-SQL1
-PublisherDB georgiaoas
-Distributor OASV-SQL1
-DistributorSecurityMode 1
-Continuous
-XJOBID 0xCE146F975BC43043AB1ECBF42F801C43
-XJOBNAME OASV-SQL1-georgiaoas-1
-XSTEPID 2
-XSUBSYSTEM LogReader
-XSERVER OASV-SQL1
-XCMDLINE 0
-XCancelEventHandle 00000730
-XParentProcessHandle 0000075C
2008-04-14 15:18:25.034 Status: 0, code: 20015, text: 'Login failed for user 'sa'.'.
2008-04-14 15:18:25.034 Login failed for user 'sa'.
When we change the 'sa' password back to the previous value, we can start the Log Reader without issue.
We have tried restarting the SQL Server Agent process without success. We have not restarted the SQL Server process due to the server hosting production databases.
Any ideas?
I have changed my windows password on my workstation, and the result is that I cannot now access the local databases and services resident on my workstation. I can still access all remote servers, but all attempts to access the local machine have failed. I even changed the password back to the original password, but this has had no effect.
Has anyone had any experience similar to this one? I am at a loss for things to try at this point.
hi folks,
has anyone experienced this issue?
When one changes the login password for XP, all the SQL Server groups are removed the next time you log into SQL Server 2000.
Is this a bug or a security feature, is there any way around it?
thanks for any help!
We are running SQL Server 2000 on two servers and when they were built, the same domain account was used for all installations, and the MSSQLSERVER and SQLServerAgent services run logged in as that same account. That account is also the dbo of all the SQL databases. We now need to change the password and possibly disable that domain account.
What do we need to do to make sure the SQL Servers and databases continue to run without problems after making the password change and/or disabling the account?
I appreciate any advice!