Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Administrator Password Issue

Status
Not open for further replies.
webgs

webgs

Programmer
Oct 30, 2001
59
US
Hi,

I have a Win 2000 server running SQL 2000. When it was setup, Windows Authentication was the selected security model. This morning, my IT guy decided to change the Administrator password for the box. The SQL Server instance no longer connected and I could not register it as a result. We changed the password back and eveything went back to normal. My IT guy wants to change the password regularly for increased security. Would it be better if we were using SQL Authentication instead? If yes, how would I go about switching it from Windows Authentication?

Thank you!
 
Sort by date Sort by votes
The problem you had this morning has nothing to do with Windows Authentication vs. SQL Server and Windows Authentication. (Windows only is the more secure option by the way).

If you look at the Windows account which is running the SQL Service you will see that it is running under the Administrator account. This is bad.

What this means is that when Windows goes to start the SQL Server is logs in as the Administrator. This means that if someone breaks into your SQL Server they can easly gain access to your server and your entire domain because the account is a domain admin. Accounts that run services should have the minimum rights that they need to function, not the most rights you can give it to make life easier.

You should create a new domain account specifically for the SQL Server. Most people name is SQLService or SQLServer. Once the account is created:

Grant the account any rights it will need on this server and any other servers. It does not need to have Administrator rights.

Open Enterprise Manager
Right click on the Server and select properties (at the bottom)
Select the Security Tab.
At the bottom in the Startup service account change the DOMAIN\Administrator account to the new account you just created.
In the password field put in the password for the new account.
Click OK.
Restart the SQL Service.

Reconnect to the SQL Server.
Open Managment
Right click on SQL Server Agent and select properties.
This should also be changed to the new account, and the password you just selected.

Restart the Agent.

If you are using SQLMail you'll need to set this back up.

Your admin can now change the Administrator password as often as he'd like. And props to your admin for wanting to change the Administrator password on a regular basis.

Denny
MCSA (2003) / MCDBA (SQL 2000)

--Anything is possible. All it takes is a little research. (Me)

[noevil]
(Not quite so old any more.)
 
Upvote 0 Downvote
Hi mrdenny,

Thanks a million for the advice and instructions! I'll go ahead make the changes.

 
Upvote 0 Downvote
no problem.

Denny
MCSA (2003) / MCDBA (SQL 2000)

--Anything is possible. All it takes is a little research. (Me)

[noevil]
(Not quite so old any more.)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

CodeWell
  • Locked
  • Question
SQL Server 2017 Install Issue - Database Not in Configuration Manager
Replies
0
Views
637
CodeWell
CodeWell
intel233
  • Locked
  • Question
Backup/Restore DB from SQL issues
Replies
2
Views
307
intel233
intel233
dd2maker
  • Locked
  • Question
SQL server 2008 R2 backup restore issue
Replies
2
Views
271
dd2maker
dd2maker
stevo1961
  • Locked
  • Question
Issue with Concurrent Users
Replies
1
Views
215
fredericofonseca
fredericofonseca
dgillz
  • Locked
  • Question
SQL 2016 installation issues
Replies
1
Views
220
yelworcm
yelworcm

Part and Inventory Search

Sponsor

Back
Top