Is there a way to prevent a particular user with SQL login from changing their password?
We have an application where we only want to prevent a certain user from changing their password but do not want to use windows authentication?
Can the user change their password in Enterprise Manager? When they follow the documentation, this does not seem to work
unless they are sa: (I know about sp_password....we are trying to find a GUI method for typical user.)
Expand a server group; then expand a server.
Expand Security; then click Logins.
In the details pane, right-click the login to modify, and then click Properties.
In Password, on the General tab, enter a new password.
Confirm the password.
Is there an automatic way of changing the Domain user password getting used for running the SQL Server as a Domain user account? I'm taking about EM---Security----Domain User name and the password getting used for running the SQL Server?
View 1 Replies View Related
I tried to cahnge this account option to built in account option in SQL ( MSSQLSERVER) properties box. Then SQL Server was log on as Local system. But then I can not view my reports which i created. Now I changed it again to this account option. but I dont exaclty remember the password. Is there anyway I can get to know the password I created.
Thanks
hi..
How do i prevent other users from changing the data of my tables? Means one can change data using only my login rest others cannot even DBA or also from server administrator
Is there a way to monitor all ODBC connections to a MSSQL server and prevent a username/ODBC combination. My problem is that we have many frontends for viewing reports, but we managed them all and users are not allow to make their own connections. Some users now uses MSAccess over ODBC to draw their own reports - they have all the permissions as neededd by the other apps.
thanx
Hi,
How can I prevent a colleage to delete tables in a specific database.
Yes he has access to Enterprise Manager. We would like to allow him read only to the live databases.
Is this possible?
I`m running SQL 6.5 with standard security. We`re running NT 4.0. I am a member of the NT Admin group - which, of course, has sa privileges in SQL Server. I changed the sa password (via Enterpise Manager on my client machine); and it worked. I tested the password change by connecting to ISQL/w - both on my client machine and at the server machine.
However, when I attempted to connect to the server via Enterprise Manager (SEM) - on my client machine - my login attempt failed. But at the server machine, I connected just fine.
Somehow, even though we`re using standard security, I`m getting locked out of SEM because of the new password. Changing the sa password back to what it had been resolved the problem; but the old password was only meant to be temporary.
Any suggestions or explanations?
Is there a thread that says what should we be looking for if I change password for SA?
I am new to the org here and have to clamp down on the SA logins.
This is what comes to my mind:
1.Client apps:
====================
a.Hard coded into VB apps
b.File DSNs
c.System DSNs
2.Web app:
================
a.Hard coded into .asp and .aspx
b..inc files that have collective connection strings.
c.Possible use of file DSNs
d.Possibly use of system DSNs
3.Ad-hoc Queries by Users
===============================
4.Maintenance Plans and Jobs etc.
=======================================
a. DTS packages
b. Replication
Is there anything else that you can add to this list will be helpful.
Regards
Paresh
Regards
Paresh Motiwala
Boston, USA
Is there any strategy I should follow in order to change the SA password.Experts answers only. Thanks
=============================
http://www.sqlserverstudy.com
After I have changed the SA password and attempt to login I get the following error.
A connection was successfully established with the server, but then an error occurred during the login process. (provider:Shared Memory Provider, error: 0 - No process is on the other end of the pipe.) (Microsoft SQL Server, Error:233)
If I change the password back I can login without any problems. I need to change the SA password.
Thanks for any suggestions.
I manage a hosted environment - several actually. Meaning my company is the host. We provide some of our customers with a dedicated instance of SQL Server that they can use in read-only mode. Unfortunately, I have some very inquisitive customers who probably should be hosting their own SQL. They like to poke into the inner workings of our environment in ways that make me uncomfortable. What I originally found was that they were reading our server registry. I've disabled that. The next thing that bothers me is the amount of information available to them through SERVERPROPERTY. They don't need to know things like physical node of a cluster their instance is on, or the last time we updated SQL, or our licensing choices.
Is there any way to prevent a user from using the SERVERPROPERTY function? I've done a lot of digging and can't seem to find a way to do it.
We have a user with read,write and execute permissions.
But this user with is used by a windows application,Is able to backup on the Database server(On C: drive).
How can I prevent it to backup on the server.
Hello all,
When I changed the SQL sa account password (it was blank) and then tried to connect to SMS remotely via SMS Administrator Console, I get Connection Failed. It seemed to work for a about 20 minutes and then I get "Connection Failed" when I try to run the console remotely. I used the SQL Enterprise Manager to change the sa password and then I used the SMS Administrator Console to set its SQL Server account to sa with the new password under Site Properties. When I switched it to a blank password in SQL and SMS, it started working again.
From the Application Event Log I seem to be getting a lot of these messages (even now - and it's working):
"The description for Event ID ( 1001 ) in Source ( SQLCTR70 ) could not be found. It contains the following insertion string(s): SQL Server not running."
I have also gotten: "The Open Procedure for service "NM" in DLL "nmperf.dll" failed. Performance data for this service will not be available. Status code returned is DWORD 0. "
I don't see any messages from SMS in Event Viewer.
What am I doing wrong?
TIA for you assistance.
Hi all,
I am using Administrator to log in the WinNT and I have just changed the password
of the Administrator. After that, I discover that I cannot use all function in the sql server.
Althougt the server is still running, I cannot open the database, login the security manager.
I have checked that the SQL Executive in NT service is assigned to local system account.
As you know, there is no place for inputting password. Where can I change the password
in order to let the function of sql server run again?
Thanks
I have SQL Server 2000 the Microsoft SQL Enterprise Mangaer version 8.0 and I don't know the password of sa account and I found this page where it shows how to change it and I tried it but it didnt work for me. Password didnt change
So what to do? Is there any way to see the current pw?
I am working with MSDE, but some how the password for sa keep changing by itself. I can reset it by logging in windows authentication mode using osql, but the next day the password does not work again.
Please give me some suggestions
Mik
A client of mine changed his SA password "because it hadn't been changed in a while". :mad: Now nobody can get into Enterprise Manager - opening EM or trying to right-click > Connect on the server yields an error:
A connection could not be established to SERVER1.
Reason: login failed for user 'sa'.
Please verify SQL Server is running and check your SQL Server Registration
properties (by right-clicking on the SERVER1 node) and try again.
Of course, if I right-click on the SERVER1 node, I get the same message.
My client remembers the password he set; I managed to use it to get into Query Analyzer, which I thouhght was weird. But no luck with Enterprise Manager. It's just trying to log in as sa without prompting for a pw.
I already tried running sp_Password in Query Analyzer to change the pw back to what it was. Still can't connect to the SQL Server via Enterprise Manager.
What can I do?
Hi,
I know this seems odd but is there any way to change the guest's password?
I know this is paradoxical regarding the nature of guest user but if there is any way please clarify me!
-Thanks
I just started a new job and no one seems to know the SA password.Here's my plan to change it:1. I've run a trace for a couple of days to verify that there are nojobs or processes that are connecting as SA and that would break if Ichanged the password.2. Before the changing the password I am going to bulk copy out thesysxlogins row for SA so that if things go wrong I can reinset the olddata with the old unknown password (will that work?).3. Log on to the console as Windows administrator and changing the SApassword.Does that make sense? Anyone have any other suggestions?Thanks.
View 1 Replies View RelatedMy goal is to write a DR plan where i am restoring all user databases onto a diffrent server in a event of hardware failure. I was trying to figure out a way to extract DDL of user accounts and their permissions on all user databases so i can simplify my DR documentation.
This is the plan I came up with...to restore all system and user dbs on a different Physical SQLServer.
1. build named instance $PROD
2. restore master database
- startup sqlserver in single user mode -m or DAC sqlcmd -S ServerName -U sa -P<xxx> –A
net stop MSSQLSERVER$PROD
net start MSSQLSERVER$PROD -m
- restore database master from disk e:master.bak with replace;
3. start sqlserver normally
4. stop SQLServer agent
5. restore msdb
-restore database msdb disk e:msdb.bak with replace;
6. restart SQLServer
7. Restore User Databases.
8. Run Sp_change_users_login for all users
-Sp_Change_users_logins 'auto_fix','username'
vendor did a full backup for his database and put some folder not being backed up by TSM, he is the owner of the database, and delete his backup later. The backup is not copy only, all the differential and log backups taken are based on his FULL backup. so they cannot be restored.
QUESTION: To prevent this happen in the future, what is the normal practices? or any way to prevent db_owner to do the ad-hoc full backup? I am thinking of using DENY backup database, or write a policy claiming no responsibility if vendor make it happen again.
that sounds obvious but I'm stuck...
I have an ASP.net application which someone else started and I continue.
on the SQL server there was a user X which was used to access the database from the ASP website.
I accidently changed the password in the SQL server and now I cant restore the prior settings
(trying to reset password to blank or embedding the username and password in the connection string didnt work).
it stops on "connection.open" with - "SQLException Login failed for user 'X'"
any ideas why that happens and how I can fix it?
thanks
How do you change the SA password in SQL Server 2005?
Thanks.
Doug
We are currently using continuous transactional replication from an OLTP type database to a Reporting database. We recently changed the 'sa' password for the first time since replication was introduced and now the Replication Log Reader job fails to start.
This is the error from the Job Log:
Message
2008-04-14 15:18:24.894 Copyright (c) 2005 Microsoft Corporation
2008-04-14 15:18:24.894 Microsoft SQL Server Replication Agent: logread
2008-04-14 15:18:24.894
2008-04-14 15:18:24.894 The timestamps prepended to the output lines are expressed in terms of UTC time.
2008-04-14 15:18:24.894 User-specified agent parameter values:
-Publisher OASV-SQL1
-PublisherDB georgiaoas
-Distributor OASV-SQL1
-DistributorSecurityMode 1
-Continuous
-XJOBID 0xCE146F975BC43043AB1ECBF42F801C43
-XJOBNAME OASV-SQL1-georgiaoas-1
-XSTEPID 2
-XSUBSYSTEM LogReader
-XSERVER OASV-SQL1
-XCMDLINE 0
-XCancelEventHandle 00000730
-XParentProcessHandle 0000075C
2008-04-14 15:18:25.034 Status: 0, code: 20015, text: 'Login failed for user 'sa'.'.
2008-04-14 15:18:25.034 Login failed for user 'sa'.
When we change the 'sa' password back to the previous value, we can start the Log Reader without issue.
We have tried restarting the SQL Server Agent process without success. We have not restarted the SQL Server process due to the server hosting production databases.
Any ideas?
I have changed my windows password on my workstation, and the result is that I cannot now access the local databases and services resident on my workstation. I can still access all remote servers, but all attempts to access the local machine have failed. I even changed the password back to the original password, but this has had no effect.
Has anyone had any experience similar to this one? I am at a loss for things to try at this point.
hi folks,
has anyone experienced this issue?
When one changes the login password for XP, all the SQL Server groups are removed the next time you log into SQL Server 2000.
Is this a bug or a security feature, is there any way around it?
thanks for any help!
We are running SQL Server 2000 on two servers and when they were built, the same domain account was used for all installations, and the MSSQLSERVER and SQLServerAgent services run logged in as that same account. That account is also the dbo of all the SQL databases. We now need to change the password and possibly disable that domain account.
What do we need to do to make sure the SQL Servers and databases continue to run without problems after making the password change and/or disabling the account?
I appreciate any advice!
Hi,
I tried to change / add password in SQL Server Compact Edition 2005 (in Mobile 5.0) via SQL Server Management Studio. As a result I got an error: "The specified module could not be found." I wonder why and how can I change the (blank) password to a new one?
Regards and thanks in advance,
Mixxo
Hi
I installed SQL Server 2005 Express Edition. When I try changing the account name, password in the SQL Server Configuration Manager, i.e. by clicking on Apply, the SQLEXPRESS restarts and the password gets replaced by a longer password. Also the user name gets prefixed with "./". Any help on this will be highly appreciated.
Another query: Do we have the query analyser (gui or command line) kind of thing in Express Edition? Also where can I get a proper documentation of doing elementary things in setting up a database, like creating a database, adding a user, etc)
Thanks and Regards
Roopesh
Hello,
in SQL Server 2005 I have an application role that is being used to limit access to my server data from third party applications. Everything is working well, except changing the Application role password.
I set up a small form that allows an administrator to change the App Role password through the front end app. I cannot, however, seem to get the Password field in my approle to accept a parameter.
For example:
declare @newpassword varchar(128)
set @newpassword = 'foo'
ALTER APPLICATION ROLE MyApplicationRole
with PASSWORD = @newpassword
This procedure gives me a syntax error in the last line. It will accept a string in quotes but not a varchar parameter.
Ideas?
I created account with permissions in order my program (I use C#.net) can connect to SQL Server 2008 by this account But I don't want that user can use this account to login to DB by SQL Management Studio for security purpose So how to prevent user login to SQL Management Studio ?
Can I setup "db_denydatareader" to MASTER db to prevent the access ?
I recently changed the SA password on my SQL Server 6.5 installation and discovered that this had caused the Scheduled CmdExec Tasks (defined in SQL Executive) to fail with:
"Process Exit Code 1. Microsoft (R) SQLMaint Utility, Version 6.50.240 Copyright (C) Microsoft Corporation, 1995 - 1996 [Microsoft SQL-DMO] Error 4002: [SQL Server] Login failed"
Changing the password back to the original resolves the problem, but is a less than satisfactory solution.
Any advice on how I can change the SA password and allow CmdExec tasks to continue running would be gratefully appreciated.