SQl Server User Password

Question

0.00/5 (No votes)

See more:

SQL-Server-2005

i connect with sql server through IP address, but suddenly the sql server change the password of "sa" user without i changed it every 2~3 days, what is the reason for that ?
please help ?

Posted 16-Jul-13 3:22am

Ahmad Halabi

Updated 16-Jul-13 3:31am

v2

Add a Solution

Comments

Johnny J. 16-Jul-13 9:23am

Maybe you should ask your boss if you're still working there?

Ahmad Halabi 16-Jul-13 9:26am

nobody change the password, the sql server change it every 2~3 days

[no name] 16-Jul-13 9:33am

The reason for that is someone is going in and changing the sa password.

Ahmad Halabi 16-Jul-13 9:36am

no,nobody can enter to the server room
the sql server itself change the password randomly

bbirajdar 16-Jul-13 9:42am

Issue a warning letter to the sql server on the company letter head. Also mention that if he ( sql server ) creates such type of nusiance within company premises, then he will be fired without any warning.

Nirav Prabtani 16-Jul-13 9:46am

:)

Ahmad Halabi 16-Jul-13 9:54am

i think it a sql server problem

[no name] 16-Jul-13 9:51am

Bull

bbirajdar 16-Jul-13 10:16am

Thanks

[no name] 16-Jul-13 10:19am

For?

bbirajdar 16-Jul-13 10:24am

For your comment.. Although the last four letters are missing

[no name] 16-Jul-13 10:29am

Ah... I see. Trying a new thing.... I think it's called "diplomacy"... :-)

Ahmad Halabi 16-Jul-13 9:59am

i think i have the answers,when the admin connect remotely to the server, this problem appears.
but is the solution ? how i can prevent changing the password ? :(

_Vitor Garcia_ 17-Jul-13 9:47am

Why not create a user for your own with the right privileges and forget about sa ?
SQL Server don't change sa on its own.

2 solutions

Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Dave Kreskowiak · Accepted Answer · 2013-07-16T04:08:00

Solution 1

SQL Server does not and will not change the SA password on it's own. There has to be some script running somewhere that is doing it. You do NOT need physical access to the server to change the SA password. It can be done remotely.

Posted 16-Jul-13 4:08am

Dave Kreskowiak

Comments

Ahmad Halabi 16-Jul-13 10:14am

if that true, what is the solution ? can i block any script of changing the password of "sa" user in sql server ?

lewax00 16-Jul-13 10:23am

Make sure no one else has the password to sa (and make sure it's sufficiently secure as to not be guessed easily), and make sure no other account has authority to change it.

Ahmad Halabi 16-Jul-13 10:25am

there are many user access to the sql server (there are program for stotck), i can't do that

lewax00 16-Jul-13 11:09am

Then it sounds like it's an internal problem, you need to find out who's changing it and why. Or decide if everyone really needs access to sa.

lewax00 16-Jul-13 11:09am

Then it sounds like it's an internal problem, you need to find out who's changing it and why. Or decide if everyone really needs access to sa.

Dave Kreskowiak 16-Jul-13 10:24am

Really? If your not a DBA and can't diagnose SQL Server problems, I suggest finding a DBA to do it.

This could be something in a script running from a workstation, or someone possibly setup a scheduled job in SQL Server that's changing it, or..., or..., or... The list goes on and on.

You can attempt to trace password change events by reading this:
http://www.mssqltips.com/sqlservertip/2708/tracking-login-password-changes-in-sql-server/

Ahmad Halabi 16-Jul-13 10:30am

the problem i think, when the admin access to the server remotely by remote desktop, a conflict (conflict in ports i think) between sql server and remote desktop

Dave Kreskowiak 16-Jul-13 10:34am

You can "think" all you want. That won't change the SA password.

There's a rule in troubleshooting: Thinking is not allowed. You either KNOW something and can prove it or you have to FIND OUT.

Ahmad Halabi 16-Jul-13 10:36am

you are right

bbirajdar · Accepted Answer · 2013-07-16T04:37:00

Check if your server is infected with virus
http://www.symantec.com/security_response/writeup.jsp?docid=2002-052108-5430-99[^]

http://www.sans.org/security-resources/idfaq/spider.php[^]

OR

take a look at the sproc from sp_password -- someone may have compromised it and is logging any password changes you make (allowing them to know the sa password so they can change it again in the future)
The date on the sproc should be the same as the majority of the other system created sprocs in master (depends on your version).

SQl Server User Password

2 solutions

Solution 1

Solution 2

Add your solution here

Preview 0

SQl Server User Password

2 solutions

Solution 1

Solution 2

Add your solution here

Preview 0

Existing Members

...or Join us