We are running SQL Server 2000 on two servers and when they were built, the same domain account was used for all installations, and the MSSQLSERVER and SQLServerAgent services run logged in as that same account. That account is also the dbo of all the SQL databases. We now need to change the password and possibly disable that domain account.
What do we need to do to make sure the SQL Servers and databases continue to run without problems after making the password change and/or disabling the account?
I installed SQL Server 2005 Express Edition. When I try changing the account name, password in the SQL Server Configuration Manager, i.e. by clicking on Apply, the SQLEXPRESS restarts and the password gets replaced by a longer password. Also the user name gets prefixed with "./". Any help on this will be highly appreciated.
Another query: Do we have the query analyser (gui or command line) kind of thing in Express Edition? Also where can I get a proper documentation of doing elementary things in setting up a database, like creating a database, adding a user, etc)
MSSQLServer and SQL Server Agent services under NT are running under a system account under our domain (setup many moons ago) for which we have lost the passsword. Is there any way we can recover these passwords?
Has anyone ever converted from running SQL Server under the Local System account to running under a Domain User account?
I have often installed SQL using a Domain User account, but I am inheriting a couple of SQL Servers that were set up to run under Local System. I have never had to convert "on the fly" before.
If you have any input or insights, I would be grateful.
We have changed NT Administration Password. Now how to reassign the new password setting for sql server service account. As right now all schedule jobs are getting failed & needs to be executed manually.
Ugh! Someone changed the password of our SQL Server service account. It is called syssql, and it is used by the MSSQLServer and SQL Executive services to log in at startup. After the password was changed, we noticed that replication wasn’t running, and since I know that replication uses the Executive service, I restarted that service using the new password. That worked to get replication working again, and since the boxes were production machines I didn’t restart the MSSQLServer service with the new password yet. Now, our syssql account keeps on locking up every so often, and scheduled tasks that use xp_sendmail stopped working, and alerts stopped sending. Is this happening because of the MSSQLServer service still being logged in with the old password? I suspect that the SQL Mail logs in through the MSSQLServer service, which is still using the old password, and the login failures are causing the syssql account to lock. Any other ideas???
Wjen sql 2005 is installed a Service Master key is generated using the password of the account under which sql 2005 server runs.
Suppose I use a domain account to run sql server. The account password will change every so often. I presume this change will not impact the validity of the existing Service master key and therefore any data indirectly encrypted by it. Am I correct?
I have a SQL 2000 (SP3) running on a Windows NT 4.0 (SP6) box used in our test environment. The SQL Server was configured to run under the local system account before I got here. In an effort to standardize things, I tried changing the SQL Service account to run under a designated domain user account purpose built for the job. We use this particular account for all of our new-build servers (which are W2K). This domain account is configured to be a "Power User" on the NT 4.0 Server in question.
Soon after changing things over to run under the new account, all the developers complained that they could no longer connect to the server. I could through QA and EM, but none of the developers could.
The developers are using WebLogic and JDBC drivers for the most part. I wasn't aware that the SQL Server service account affected client connectivity. Was I wrong or is there something else at work here?
Guys, I have got WINDOWS 2000 Advanced Server and MS SQL SERVER 7.0 running on my live server. Now when we are planning for replication, we have found that SQL server will require to run under a domain account. At the moment there are so many ASP pages running on our server accesses different databases created using SQL server 7.0. Most of them are DSN connections to the database. Now if i create a domain account and restart the server and MS SQL services with the domain account, how is it going to effect the current web pages running on it? Any help will be greatly appreciated. Thanks
I've run into a problem attempting to change my service account on the clustered servers from an administrative account to a non-privileged account under SQL Server 2005 Enterprise Edition. When I change the login properties in Configuration Manager I get the following error:
"The user already belongs to this group"
I'm then prevented from making any changes to the service account. I don't know what I'm supposed to do at this point to resolve the problem, so any assistance will be greatly appreciated.
If you were to do a fresh install it would set permissions on the disk so everything just works.
Now when changing the service account (e.g. to a domain user) use the configuration manager, does it do the same magic (possibly sans if the database data/log files are on another disk)? Or do you need to trawl through the dozens of folders and assign rights manually?
During install of SQL Server 2005, we can of course use a domain account or the built-in system account for running the services. I lean toward domain for obvious reaons but would like to know a +/- to each option and why I'd choose one over the other and what consequences or limitations one may encounter if I choose one over the other.
I have several DTS jobs that runs well as a job with my nt login account for the SQL agent service startup account, but if I use the System account they fail with this error. " Error opening datafile: Access is denied. Error source: Microsoft Data Transformation Services Flat File Rowset Provider"
The data has change access to the System account under the NT security.
Hello! I have the following problem. I developed CLR Stored Procedure "StartNotification" and deploy it on db. This sp calls external web service. Furthermore, this sp is called according with SQL Server Agent Job's schedule. On my PC SQL Server works under Local System account and this web service is called correctly (Executed as user: NT AUTHORITYSYSTEM). But on ther other server the following exception is raised during job running: Date 17.04.2007 16:42:10 Log Job History (FailureNotificationJob)
Step ID 1 Server MSK-CDBPO-01 Job Name FailureNotificationJob Step Name MainStep Duration 00:00:00 Sql Severity 16 Sql Message ID 6522 Operator Emailed Operator Net sent Operator Paged Retries Attempted 0
Message Executed as user: CORPmssqlserver. A .NET Framework error occurred during execution of user defined routine or aggregate 'StartNotification': System.Security.SecurityException: Request for the permission of type 'System.Net.WebPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. System.Security.SecurityException: at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) at System.Security.CodeAccessPermission.Demand() at System.Net. The step failed.
What is the reason of this behaviour? Unfortunately I do not have direct access to this server. I have the following guesses: 1) CORPmssqlserver may have not enough permissions to call web service 2) Something wrong with SQL Server account's permissions 2) Something wrong with SQL Server Agent account's permissions I will take the will for the deed. Thanks.
Hi all, I do understand that it is highly recomended to have aserprate user (perfered a domain user account) for each of the SQL Server service and SQL Agent service. What is the reason behind that? (Someone told me to not run the service with an account that has a powerul privilegs! - I don't undrstanmd this point can you explain it please?) What is the diffrent between: 1- Local System account 2 -Network Service account
Well, I inherited a SQL Server ....sob story.........installer won`t call back.....sob story.....buying books like mad......sob story. Geez, this was a *great* job when I interviewed.....
Regardless, I do not know the password for the sa account on a SQL 6.5 server running on NT4SP3. We are using standard securtiy. Do I have any options?
Microsoft recommends that you do not use the Network Service account to run the SQL Server service (see http://msdn2.microsoft.com/en-us/library/ms143504.aspx).
Can anyone tell me what the drawbacks are of doing this?
Okay now this is weird, today the Reporting Services was not running and here are the entries in the event log:
Event Type: Error Event Source: Service Control Manager Event Category: None Event ID: 7041 Date: 12/12/2007 Time: 9:47:22 User: N/A Computer: TFS Description: The ReportServer service was unable to log on as DOMAINTFSREPORTS with the currently configured password due to the following error: Logon failure: the user has not been granted the requested logon type at this computer.
Service: ReportServer Domain and account: DOMAINTFSREPORTS
This service account does not have the necessary user right "Log on as a service."
User Action
Assign "Log on as a service" to the service account on this computer. You can use Local Security Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check that this user right is assigned to the Cluster service account on all nodes in the cluster.
If you have already assigned this user right to the service account, and the user right appears to be removed, a Group Policy object associated with this node might be removing the right. Check with your domain administrator to find out if this is happening. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp
I am the administrator of the machines and I can assure you that no domain policy has changed for a couple of weeks. What should I look for?
While installing SQL Server 2000 on my Windows 2000 Advanced Server, i choose Windows Authentication mode, so i was not able to enter a password for sa account. And after installation, in Enterprise Manager i could still see sa account under logins but the account has a password.
So my question is what is the default password for sa account when we choose Windows Authentication mode and is it possible to change the mode from windows Authentication to Mixed Authentication mode after installation, with out re-installaing SQL Server 2000.
I am trying to adapt a vb6 application to support sqls 2005 features. I am using SQL Server Authentication and want to support the feature which forces the user to change his password on the next login. Using an SQLOLEDB connection string, on trying to log I get an error saying that the password must be changed - fair enough - but how can I do this? I would have expected to be able to supply both old and new passwords in the connection string, but there does not seem to be any such feature. Am I missing something obvious?
Couldn't able to login with sa account, seems someone having admin account have changed this sa password.Is there any way to determine who and when have changed this password.It is known that SQL can't log this information in its log, is there any other ways.
If someone can tell if it is wise change the SA account password after all of your databases have been set up using NT Authentication for login. Also, by using the sa password at login are you providing more security and and who should have access to that password (Your developers or your Administrators?)
A former Network Manager setup the Sql Server Services NT Domain account. I need the password to set it up on our MS Exchange server, should I change the password or create a new domain account. How can I find out if there is no other applications using the service account in our domain, since the new Network manager doesn't know the password. What happens if I change the password.
I can get to the DB and find the user account, but I see nowhere to change the password? My app requires a password that meets Windows Security requirements and the one that was initially created is not long enough.....
After observing brute force attacks on our VPS myhosting instance against the SA login, I change the SA login name. Now my two new backup jobs are failing. The agent service logs in as NT ServiceSQLSERVERAGENT. Nothing changed there (so far as I know and I'm the only one who should be on the VPS). The job owner was SA and after changing the SA account that was reflected in the SSMS gui; job owner 'newsaname'. I'm sure I can just rebuild the maintenance plans but I'd like to know what happened.
Also, I would like to learn more about the brute force attacks and how to determine what port they are comming in on. I see an IP address associated with them. Does that mean they are coming in on 1433 or 1434?
SQL 2012 Standard VPS Windows 2012 Server Standard
I`m running SQL 6.5 with standard security. We`re running NT 4.0. I am a member of the NT Admin group - which, of course, has sa privileges in SQL Server. I changed the sa password (via Enterpise Manager on my client machine); and it worked. I tested the password change by connecting to ISQL/w - both on my client machine and at the server machine.
However, when I attempted to connect to the server via Enterprise Manager (SEM) - on my client machine - my login attempt failed. But at the server machine, I connected just fine.
Somehow, even though we`re using standard security, I`m getting locked out of SEM because of the new password. Changing the sa password back to what it had been resolved the problem; but the old password was only meant to be temporary.
2.Web app: ================ a.Hard coded into .asp and .aspx b..inc files that have collective connection strings. c.Possible use of file DSNs d.Possibly use of system DSNs
3.Ad-hoc Queries by Users ===============================
4.Maintenance Plans and Jobs etc. ======================================= a. DTS packages b. Replication
Is there anything else that you can add to this list will be helpful. Regards Paresh
After I have changed the SA password and attempt to login I get the following error.
A connection was successfully established with the server, but then an error occurred during the login process. (provider:Shared Memory Provider, error: 0 - No process is on the other end of the pipe.) (Microsoft SQL Server, Error:233)
If I change the password back I can login without any problems. I need to change the SA password.
hi, all: I installed a Sql 2000 Personal Edition in my Laptop,now I want to change my Sql 2000 sa account password. but I can not find where I can get the default password for sa account and how to change it .
