Is there any way to script out Linked server with remote login password ?

  • SQLDBA346

    SSC Veteran

    Points: 289

    I have couple of linked servers on SQL server 2005 need to migrate to another SQL server 2005.I have to script out remote login password as well. when i script out Linked server,it won't bring password. it come up with hashed '#####'. There is no way to find out password from my team or application users. Is it possible to script out linked server with remote login credential ?

    Can someone guild me how to resolve this issue ?

  • Lowell

    SSC Guru

    Points: 323377

    nope it's not possible.

    linked server password, remote credential password, and also the password used for smtp authentication for any mail profiles are stored in a CREDENTIAL object, and there is no way to reverse engineer/read the value from the database.

    so you can script out the settings, and enter the correct value into the script afterwards(if you know it)

    but there is no way to get it from SQL.

    Lowell


    --help us help you! If you post a question, make sure you include a CREATE TABLE... statement and INSERT INTO... statement into that table to give the volunteers here representative data. with your description of the problem, we can provide a tested, verifiable solution to your question! asking the question the right way gets you a tested answer the fastest way possible!

  • GSquared

    SSC Guru

    Points: 260824

    The only solution is the same one for any lost password: Get it reset to something you know, and then copy that into the create script.

    - Gus "GSquared", RSVP, OODA, MAP, NMVP, FAQ, SAT, SQL, DNA, RNA, UOI, IOU, AM, PM, AD, BC, BCE, USA, UN, CF, ROFL, LOL, ETC
    Property of The Thread

    "Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon

  • yup

    SSCarpal Tunnel

    Points: 4490

  • simon.jones.p

    SSC Enthusiast

    Points: 103

    Hello, I know your post is a bit old so I'm working with a 'better late than never' approach to this.

    Passwords can now be extracted. Anyone who arrives here while looking for the solution, please be aware that with a bit of powershell knowledge, access to the DAC and administrative access to the local machine; you can use the following scripts (explained in the URL and downloadable from github) to get some of the passwords.

    https://blog.netspi.com/decrypting-mssql-database-link-server-passwords/

    Simon

  • Luis Cazares

    SSC Guru

    Points: 183543

    simon.jones.p (3/4/2016)


    Hello, I know your post is a bit old so I'm working with a 'better late than never' approach to this.

    Passwords can now be extracted. Anyone who arrives here while looking for the solution, please be aware that with a bit of powershell knowledge, access to the DAC and administrative access to the local machine; you can use the following scripts (explained in the URL and downloadable from github) to get some of the passwords.

    https://blog.netspi.com/decrypting-mssql-database-link-server-passwords/

    Simon

    It seems to work. I was wondering if it would be a security issue, but that's probably not the root cause of the problem. I can't understand why are people still using mixed Authentication.

    Luis C.
    General Disclaimer:
    Are you seriously taking the advice and code from someone from the internet without testing it? Do you at least understand it? Or can it easily kill your server?

    How to post data/code on a forum to get the best help: Option 1 / Option 2

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic. Login to reply