Request: Actual Example Of Create Login With Password Hashed
Apr 16, 2008
BOL is very terse on the subject of creating a login with a hashed password. I need to store a script file with a create login for a sql server login, and I don't want the password as plain text. Here is what I've tried:
Code Snippet
declare @input nchar(5), @output varbinary(8000)
set @input = N'A123b'
select @output = hashbytes('sha1', @input)
select @output
create login test with password = '0x22A9EA652CFC38938D56A9C3872B266B192D16D9' hashed
go
This returns the error:
Msg 15021, Level 16, State 2, Line 1
Invalid value given for parameter PASSWORD. Specify a valid parameter value.
Can anybody provide a working example? Am I way off base on the usage of this functionality?
Thanks,
John T
View 12 Replies
ADVERTISEMENT
Oct 20, 2007
Hello,
Could anybody explain: is following supposed to work:
CREATE LOGIN test
WITH PASSWORD=0xF1E9E5CA9A79F7B5D883FA4D9680ED1D4D9AAB12 HASHED,
CHECK_POLICY = OFF;
GO
where
0xF1E9E5CA9A79F7B5D883FA4D9680ED1D4D9AAB12
result of
SELECT HASHBYTES ('SHA1','$Test123#')
execution of 'create login' results in following error
Msg 15021, Level 16, State 2, Line 1
Invalid value given for parameter PASSWORD. Specify a valid parameter value.
Interesting enough is that if I use MD5 the hash is 8 bytes shorter and create login works but actual login procedure does not. And if I just use plain text password without HASHED everything works.
This is on sqlexpress 2005 sp2. Is this specific to express version?
I've noticed that realatively old SQL BO 2005 states that hashed password should be passed as literal in single quotations ' *** ' (and it does not work) and msdn online states that in case of HASHED hexadecimal value should be passed without single quotations, anyway does not work either ...
Thanks,
--Alex
View 4 Replies
View Related
Oct 30, 2007
My PC is Window XP Pro and I'm using Microsoft SQL Server 2005 Express and Microsoft SQL Server Management Studio Express.
My question is how to create a login userid and password under "SQL Server Authentication"? (as shown in http://www.findingsteve.net/print_screen.jpg)
Any tutorial about this I can read?
View 6 Replies
View Related
Jun 13, 2006
Hi all,
I'm loading a working SSIS package in VB.NET and executing it programmatically. As the 'Persist Security Info' is set, it executes fine, presumably because I executed it previously with valid login info. But, when I update the connection info (programmatically) it prompts me for a password at runtime. The connection string will be provided by the user (DB Admin) and this is running as a Windows service, so what I want to do is, in the case of invalid login info, just receive a rejection, that I can respond to in the code. I'm using the IBMDA400 data provider to connect to an iSeries. Ideally, I need a generic solution that will apply to all connection strings and providers, if possible, but provider specific would be fine for now. Hope you can help....
Mazmo
View 4 Replies
View Related
Oct 8, 2007
Hi,
I am using SQL Server 2005 at home.
My problem is I forgot my password to log in to my server.
I only remember user name is 'sa'.
I haven't used it for two to three months. So I forgot password.
Previously, When I used sql server 2000, my login is as windows login. so no problem.
But this time, I set seperate log in and I got this problem.
Any help will be appreciated.
Thanks
George
View 11 Replies
View Related
Apr 11, 2008
I have seen alot of comments posted about an Issue in SQL2005 that no one at microsoft could really answer. If a user would try to alter his own login, it would fail stating a permissions error.
This is what I did to get it to work .
USE my_dataBase
GO
Alter Login [my_login] WITH PASSWORD = 'newpassword' OLD_PASSWORD = 'oldpassword'
In previous examples, people were trying to do an alter login without first narrowing it to the database.
If you do not include the USE statement it will fail.
Another thing to note is that they can only change certain things....they cannot turn off check_policy or check_expiration.
Happy Coding
View 2 Replies
View Related
Jul 25, 2006
I have a view in SQLServer 2005. It took 30 sec. to finish. Then I deleted 4500 records from one table that is used in view. It took 90 sec. to finish now. I did a comparison on Actual Execution Plan between before I deleted data and after I deleted data, they are almost same, only different is Actual Number Rows become less after deleted data. So, I wonder why data become less but time become more. When I look closely on the Actual Execution Plan, the ridiculous thing is, there are only Estimated Operation Cost on each step, no Actual Operation Cost. I guess there are something wrong with optimizer because reuse same Execution Plan, but how can I tell which step wrong without Actual Operation Cost.
Thanks!
Henry
View 2 Replies
View Related
Feb 28, 2007
Hi guys,
Everything seems to be fine, can browse the DB from VS, Preview data works fine in dataset, and the page works fine before adding any SQL DB code.
I draged n dropped a new DropDownList, Bind it to an object from dataset. And when I want to run the page I get this error !!!
I appreciate any help.
Thanks, Mehdi
View 4 Replies
View Related
Aug 1, 2015
have a ASP.NET app that access the DBs in a SQL 2012 server. I added code to access the SSISDB but it returns an error " cannot open database SSISDB request by login"doing some basic troubleshooting:
-When login to SSM (2012-R2) with windows/sa credentials I can access SSISDB and its tables with no problem
-but when I try to access SSISDB via T-SQL as follows:
osql -Usa -Ppasswrod
>sp_helpdb...(this lists all the DBs including the SSISDB)
>use SSISDB
>go
>select * form TableName
>go
This script returns an error stating that SSIDB does not exist
View 7 Replies
View Related
Jan 9, 2007
Hi,
I want to know if it is possible to create and execute a http request in SQL Server. I want to run the request in the database as alot of the data in the url would be retrieved from the database.
I want to create a stored procedure that runs the request. The stored procedure must be called from a trigger on a table.
The reason I want to go this way is because it would be alot faster that to get the data from the database and then execute the http request in the application. Another reason that I want it done on the database side is because the internet connection of my client is not as fast as the one I am using for development so I don't want the pages to load to many times and get the data between the server and the client computer through as fast as possible.
Any ideas on how I would do this?
View 9 Replies
View Related
Mar 19, 2008
Dear all;
I'm trying to use a local variable @NEW_LOGIN_CODE to pass LOGIN NAME to CREATE LOGIN script as follows:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
declare
@NEW_LOGIN_CODE varchar(255),
@NEW_LOGIN_PASSWORD varchar(255);
begin
SET @NEW_LOGIN_CODE = 'any_login';
SET @NEW_LOGIN_PASSWORD = 'AnyPassword';
CREATE LOGIN @NEW_LOGIN_CODE WITH PASSWORD @NEW_LOGIN_PASSWORD;
end
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
the script will not work unliss I provided a hard coded login code and password as follows:
CREATE LOGIN ANY_LOGIN WITH PASSWORD 'AnyPassword'
what should I do to make the CREATE LOGIN script accept local variables as parameters?
Thanks
View 3 Replies
View Related
Jan 29, 2008
Hi all,
In the DB i have stored the username and password. i had stored 'am' as password and wen i use 'Am' to login, it wil redirect to my next page correctly.Can we do any string comparison for that? Normally how can this problem be solved?
Try
con.Open()
cmd = New SqlCommand("select CompanyId,Password from CompanyDetails where CompanyId=" & uname & " and Password='" & pass & "'", con)
Dim sdr As SqlClient.SqlDataReader = cmd.ExecuteReader
If sdr.HasRows Then
sdr.Read()
Me.Session.Add("value", Val(txtuser.Text))
Response.Redirect("ViewDetails.aspx")
Else
Err.Text = "Invalid UserName/Password."
End If
Catch ex As Exception
Err.Text = ex.Message
Finally
con.Close()
End Try
View 3 Replies
View Related
Oct 6, 2005
Hi,I have developed site which has a resource file which connects to sqlserver using login name and password.Now my client doesn't want me to login to production database. bu the packing of the system is with me. is there any way to solve this issuse so that i can package the software without knowing database login name and password.TIAAmit
View 2 Replies
View Related
Mar 3, 2014
I created a cursor that moves through a table to retrieve a user's name.When I open this cursor, I create a variable to store the fetched name to use within the BEGIN/END statements to create a login, user, and role.
I'm getting an 'incorrect syntax' error at the variable. For example ..
CREATE LOGIN @NAME WITH PASSWORD 'password'
I've done a bit of research online and found that you cannot use variables to create logins and the like. One person suggested a stored procedure or dynamic SQL, whereas another pointed out that you shouldn't use a stored procedure and dynamic SQL is best.
View 3 Replies
View Related
Jan 13, 2006
SQL Server 2005 Express will not allow me to change the password for my login user. I tried deleting the user and re-creating the user. Another password is being put in although the password I put in was accepted. I even test to see what would happen if I left the password blank. It got accepted. But when I look at the password for my login user again, a different and much longer password was put in. I even tried this T-SQL statement:
CREATE LOGIN <loginname> WITH PASSWORD='<passwordname>', CHECK_EXPIRATION = OFF, CHECK_POLICY = OFF
I am out of ideals. Is this a bug?
View 5 Replies
View Related
Feb 25, 2013
Earlier one of my team member has created a user login and password but forgot the password after few days and now we need to know the password of that login. Some of the application are using this login so we can delete and create a new login with the same name hence is there any possibility or script to find out the password of the existing login.
Note: The login is not 'sa'
View 9 Replies
View Related
Aug 31, 2006
How can you force a password, from a sql login, to expire?
I would like to use the password expiration feature for sql logins in SqlServer 2005. The msdn document provides example code for SqlClient SqlConnection.ChangePassword like in Bob Beauchemin's book. http://msdn2.microsoft.com/en-us/library/system.data.sqlclient.sqlconnection.changepassword.aspx
There is a modify_date in the system view sys.sql_logins but that is read-only.
Thanks,
Karl
View 5 Replies
View Related
Mar 20, 2007
I have a 3 node cluster running windows 2003 x64 sp1 and SQL Server 2005 version 9.00.2153. My problem is the following...
This Saturday I migrated a web application's database to this server. After restoring the database I created the sql login for the service account, set the password and disabled the password policy for this login. I then ran sp_change_users_login to attach the already existing db user with the same name to the login. I changed the connection string for the application, tested the application connectivity and functionality then detatched the old database on the old server. Everything went like clockwork, no problems at all.
Come Monday morning at 8:35 I started getting alerts that the web site was down. I tested the site and sure enough it was down. I then attempted to connect to the database server using the login that was created for the app and the connection failed. I logged in with my ID and got in fine. Nothing showing to be wrong with the DB, I checked the new login and somehow the "Enable Password Policy" had been set for the new login. I disabled it and still no connection. I went to the database and checked the DB user and somehow the link between it and the login no longer existed. I reran the sp_change_users_login and restested the web site and verified that that web site was back online.
My question is this, is there any stored proc that resets these values back to default for some reason, a series of events that might revert the "Enable Password Policiy" to the default for a login, or is there a particular domain level operation that might occur such as Security Polcies that would affect these settings in SQL?
No one else was on the machine when I went to check it out at 8:40 so it has left me puzzled.
Any help would be appreciated.
Thanks.
Zach
View 3 Replies
View Related
Oct 4, 2007
Hello.
Is it possible to find out a complete history of when the passwords for any SQL Server logins were changed and by what/whom in 2005 standard edition?
Thanks.
View 1 Replies
View Related
Jan 26, 2006
Hai Freinds,
Is there any default username and password for sql server 7.0
Thank You
View 4 Replies
View Related
Mar 2, 2007
Our company website runs off of Microsoft SQL Server. Someone tried changing the 'administrative' password but the way that they did it locks us out of the database.
Under Enterprise Manager there is a Security group, underneath here is a login. The person reset the password here on the login id that is the DBO for our website's database. Underneath the database in Enterprise Manager the dbo uses this login id. Where else does the password need to get reset in order for that login id to access the database? We cannot set it back to the previous password because it is unknown.
When we go to our website we get the following error:
Error Executing Database Query.
[Macromedia][SQLServer JDBC Driver]Error establishing socket. Connection refused: connect
Please try the following:
Enable Robust Exception Information to provide greater detail about the source of errors. In the Administrator, click Debugging & Logging > Debugging Settings, and select the Robust Exception Information option.
Check the ColdFusion documentation to verify that you are using the correct syntax.
Search the Knowledge Base to find a solution to your problem.
Browser Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
View 3 Replies
View Related
Jul 20, 2005
Hello,What are the default login/password to access pubs and northwind databases ?I remember the login = "sa", but nothing about the password.ThanksEric
View 4 Replies
View Related
Jan 17, 2008
Is there a way to set up automated email notification beginning 14 days prior to when a SQL Server Login password (that has "Enforce password expiration" enabled) will expire?
Thanks,
-Dave
View 7 Replies
View Related
Jun 4, 2015
i am getting bellow error Error: 18456, Severity: 14, State: 8.Login failed for user 'sa'. Reason: Password did not match that for the login provided. but no one is logging for that particular [clint :ip].this error occurring automatically. in this case in my environment log shipping is configured and the secondary database server getting this issue.when i disable the copy and restore jobs and bring the database in online. i am not getting that error .
View 3 Replies
View Related
Dec 18, 2006
Help!!
I used to have an Access database which had tables for users, roles, actions etc.
This was used by a C++ client app (using ADO) which logged in, got the user ID and password (by raising a login dialog ) and then checked these against a user table and then assigned the roles and possible actions.
Now we have SWL Server Express 2005 - NT Authorisation - how do I get/pass the user ID to the C++ Application so it can get the associated roles? Seems silly to have 2 logins.
Better still can I do away with the App's User table or make its password column invisible to all users bar Admin and the C++ App?
View 1 Replies
View Related
Jun 8, 2015
i am getting bellow error
Error: 18456, Severity: 14, State: 8.
Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT:####]
Login failed for user [sa]
Error: 18456, Severity: 14, State 38
Failed to open the explicitly specified database but no one is logging for that particular [clint :ip].this error occurring automatically. in this case in my environment log shipping is configured and the secondary database server getting this issue.when i disable the copy and restore jobs and bring the database in online. i am not getting that error .
View 17 Replies
View Related
Jul 12, 2007
What is the most optimized way to store Hashed values (obtained by Object.GetHashCode() method) in SQL Server?
Thanks.
View 4 Replies
View Related
Feb 23, 2008
I get this error message when I try to connect to Reporting Services via the Management Studio.
I can see my machine listed in the Server Name > Browse For More > Local Servers dialogue. But no luck,
Ive tried:
Servername: localhost
Servername: DED1774 (the machine name)
Servername: localhost/reportserver
Servername: DED1774/reportserver
Servername: http://ded1774/reportserver (from the rsreportserver.config file
<UrlRoot>http://ded1774/reportserver</UrlRoot>)
I've Googled the error message and found postings for solutions, but none of these helped. Can anyone suggest some simple steps I can take to try to find the issue and get the connection working?
Thanks
View 3 Replies
View Related
Jul 10, 2007
how can I create a database synonym for the actual database name?
View 3 Replies
View Related
Nov 4, 2003
I have a stored procedure that validates a user login against a username and password field.
How can I ensure case sensitivity in the stored procedure for the password field?
View 4 Replies
View Related
Jul 6, 2014
I am trying to learn how to store a web form password and than check it when the user log in. So far none of the code I can find works.
Why the following test does not work and what the correct code should be?
Insert Into [user]
values ('name', 'email', HashBytes('SHA1', 'bob'))
GO
Why does the following produce no rows?
SELECT *
From [user]
Where HashBytes('SHA1', password) = HashBytes('SHA1', 'bob')
View 8 Replies
View Related
Oct 7, 2014
Is there any way to find out the password for the remote login of the Linked server
View 1 Replies
View Related
Jul 22, 2015
I have a procedure where Login and Password of the database are to be used and right now i have given a valid hardcoded value for them.
How can I get these values from the actual login (I mean sql server authentication value or windows authentication).
View 8 Replies
View Related
