Regaining access to SQL server after changing the domain

  • Comments posted to this topic are about the item Regaining access to SQL server after changing the domain

  • Nice trick; I'll have to remember that.

  • I'm just curious, wouldn't using sa account do the same?

  • One would need the SA password I'm thinking.

    Also, the SQLAgent user might be an interesting problem?

    I like the article, and have done similar 'hacks' such as booting from a CD-ROM for default access etc.

    but, why would this technique not also be considered a backdoor access even on servers not changed? I mean, anyone with an admin role to a server would be able to hack into SQL using this technique: right?

  • Typically, the 'sa' account is disabled if you are using Windows authentication in SQL Server.

    Also, this is an intentional "backdoor". MSDN has an article on this process entitled Connect to SQL Server When System Administrators Are Locked Out:

    http://msdn.microsoft.com/en-us/library/dd207004.aspx

  • Well, in the article was mentioning of application using SQL authentication, so it made me think that server is mixed.

    Anyway, it was interesting food for thought. I was thinking of how I would act in the situation like this (if ever somebody decides to change a name on a domain. Just think of all the other issues people will be facing! SQL wouldn't be the biggest concern, for sure).

  • It would have to be mixed in my estimation to allow the OS Administrator role member to start SQL server and add a SQL user, right. If ONLY SQL logins were allowed, then the Administrator-role-non-SQL-User, could not gain access. One would need to do more severe changes to the SQL Engine dynamics, to allow mixed mode: Thinking 'maybe' [haven't explored it yet] changing the registry entry might allow mixed mode....need to look agian.

    WAIT: Google find:

    can change the Login Mode via registry

    http://printaudit.force.com/KnowledgeHome/articles/How_To/How-to-set-Mixed-Mode-Authentication-without-SQL-Management-Studio?retURL=%2FKnowledgeHome%2Fapex%2FknowledgeHome&popup=false

  • Good tip. I've done this in the past, but not via the service. I've stopped the service, opened a command prompt to the SQL Server program folder, and run the sqlservr.exe file using -c -m (which starts SQL Server in single user mode as an application rather than a service. There's another switch to use if it is a named instance. See Books Online for details). As it runs as an application, that command prompt window will essentially be locked up until sqlservr.exe finishes running. Hit Ctrl-C to quit; you will be prompted if you want to stop SQL Server.

    There's probably not much benefit in running the executable directly other than you don't muck about with the service startup parameters; it's just I discovered that way of doing before the other (in fact, on reflection, it was probably because I first had to do it with SQL Server 2000, which doesn't have a Configuration Manager application, so it was easier running the .exe directly).

    What should also be mentioned is that you should use sqlcmd rather than Management Studio to connect once in single user mode because SSMS has a tendency to open multiple connections (e.g. one for Object Explorer, one for a query window), so you may have difficulties administering the instance if it is in single user mode.



    Scott Duncan

    MARCUS. Why dost thou laugh? It fits not with this hour.
    TITUS. Why, I have not another tear to shed;
    --Titus Andronicus, William Shakespeare


  • @niveditamsbi

    Your posts have been deleted as off-topic. Can you please repost them as new threads in the appropriate forum for the version of SQL Server you're using?

  • wait, what?

  • DROP PROCEDURE OFFICEUSER.SP_OFFICEUSER_INSERT_PAYROLL

    CREATE OR REPLACE PROCEDURE OFFICEUSER.SP_OFFICEUSER_INSERT_PAYROLL

    IS

    CURSOR

    C_EMP

    IS

    SELECT DISTINCT(EMP_NO) as emp_no FROM EMPLOYEE_PAYROLL_MASTER;

    CURSOR

    C_EMP_INSERT(empNo in number)

    IS

    SELECT * FROM EMPLOYEE_PAYROLL_MASTER WHERE EMP_PAYROLL_NO=(SELECT max(EMP_PAYROLL_NO) FROM EMPLOYEE_PAYROLL_MASTER WHERE EMP_NO= empNo ) ;

    emp_seq_no NUMBER(10);

    BEGIN

    for R1 in C_EMP LOOP

    for R2 in C_EMP_INSERT(R1.emp_no) LOOP

    INSERT INTO EMPLOYEE_PAYROLL_MASTER (

    EMP_PAYROLL_NO,

    EMP_NO,

    EMP_DESIGNATION_NO,

    EMP_PAYSCALE_RANGE,

    EMP_NUMBER_OF_DAYS,

    EMP_BASIC,

    EMP_GROSS_BASIC,

    EMP_DA_NO,

    EMP_DA_AMOUNT,

    EMP_HRA_NO,

    EMP_HRA_AMOUNT,

    EMP_AGP,

    EMP_FDA_AMOUNT,

    EMP_IC_ALLOWANCE_AMOUNT,

    EMP_SPECIAL_ALLOWANCE_AMOUNT,

    EMP_GROSS_SALARY,

    EMP_PF,

    EMP_EPF,

    EMP_PT,

    EMP_LIC,

    EMP_ESI,

    EMP_RD,

    EMP_IT,

    EMP_IR,

    EMP_IR_AMOUNT,

    EMP_GROUP_INSURANCE_AMOUNT,

    EMP_MEDICAL_CLAIM,

    EMP_OTHERS,

    EMP_MISCELANEOUS,

    EMP_RELIEF_FUND,

    EMP_CO_OP,

    EMP_DEDUCTION_TOTAL,

    EMP_NET_SALARY,

    EMP_ACTUAL_INCREMENT_DATE,

    EMP_BALANCE_INCREMENT,

    EMP_INCREMENT_STATUS,

    EMP_MODIFY_INCREMENT_MONTH,

    EMP_SAL_MONTH,

    EMP_SAL_YEAR,

    EMP_MODIFY_STATUS,

    EMP_MODIFY_DATE)

    VALUES (EMP_PAYROLL_NO_SEQ.nextval,

    R2.EMP_NO,

    R2.EMP_DESIGNATION_NO,

    R2.EMP_PAYSCALE_RANGE,

    R2.EMP_NUMBER_OF_DAYS,

    R2.EMP_BASIC,

    R2.EMP_GROSS_BASIC,

    R2.EMP_DA_NO,

    R2.EMP_DA_AMOUNT,

    R2.EMP_HRA_NO,

    R2.EMP_HRA_AMOUNT,

    R2.EMP_AGP,

    R2.EMP_FDA_AMOUNT,

    R2.EMP_IC_ALLOWANCE_AMOUNT,

    R2.EMP_SPECIAL_ALLOWANCE_AMOUNT,

    R2.EMP_GROSS_SALARY,

    R2.EMP_PF,

    R2.EMP_EPF,

    R2.EMP_PT,

    R2.EMP_LIC,

    R2.EMP_ESI,

    R2.EMP_RD,

    R2.EMP_IT,

    R2.EMP_IR,

    R2.EMP_IR_AMOUNT,

    R2.EMP_GROUP_INSURANCE_AMOUNT,

    R2.EMP_MEDICAL_CLAIM,

    R2.EMP_OTHERS,

    R2.EMP_MISCELANEOUS,

    R2.EMP_RELIEF_FUND,

    R2.EMP_CO_OP,

    R2.EMP_DEDUCTION_TOTAL,

    R2.EMP_NET_SALARY,

    R2.EMP_ACTUAL_INCREMENT_DATE,

    R2.EMP_BALANCE_INCREMENT,

    R2.EMP_INCREMENT_STATUS,

    R2.EMP_MODIFY_INCREMENT_MONTH,

    R2.EMP_SAL_MONTH,

    R2.EMP_SAL_YEAR,

    R2.EMP_MODIFY_STATUS,

    R2.EMP_MODIFY_DATE

    );

    COMMIT;

    END LOOP;

    END LOOP;

    END;

  • @niveditamsbi

    Please start a new thread for question instead of posting unrelated content in an existing thread.

Viewing 12 posts - 1 through 11 (of 11 total)

You must be logged in to reply to this topic. Login to reply