Re: SQL2005 Evaluation Edition ReInstall

From: Sue Hoegemeier <Sue_H@xxxxxxxxxxxxx>
Date: Mon, 21 May 2007 20:50:43 -0600

Are there any logins that are members of the sysadmin role?
What about the service accounts - are they running under
(not-system) local or domain accounts that you have access
to?
What about having the person who installed it sit there and
not go home until they have figured out the password?

-Sue

On Mon, 21 May 2007 15:43:00 -0700, Thom
<Thom@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

We are currently testing our application on SQL2005 Eval Edition. The
individual who installed SQL does not remember the sa password. And the
built-in admin account has been removed from sysadmin. Since currently it
appears that no one can log in as a SysAdmin to SQL I need to find a solution.

Is there anyway to resolve this situation short of reinstalling SQL?
Can Eval Edition be uninstalled and reinstalled?

Prev by Date: Re: Use of Sql2k client tools on MSDE
Next by Date: Re: sql 2005 x64 - installation of 5th instance
Previous by thread: sql 2005 x64 - installation of 5th instance
Next by thread: Re: SQL2005 Evaluation Edition ReInstall
Index(es):
- Date
- Thread

Relevant Pages

RE: local admin account password
... Subject: local admin account password ... > 4) Only use domain accounts so delete the local ones. ... > The DB file would be encrypted with EFS so only the limited user SQL ... > backup user can make a zip backup of the DB whenever it gets changed ...
(Focus-Microsoft)
RE: local admin account password
... Say you have more then 1000 systems, how do you handle the local admin ... Only use domain accounts so delete the local ones. ... The DB file would be encrypted with EFS so only the limited user SQL ... There would be basically two stored procs, ...
(Focus-Microsoft)
RE: "login failed for user ..." appears in event viewer repeatedly
... OK, did I hear you right, you've determined that the attacks are coming from ... holes to that segment and/or box to just the SQL ports. ... I looked closer at the SQL accounts. ... I used SQL profiler to audit logins and login failures. ...
(microsoft.public.sqlserver.security)
Re: Server or Service Accounts complete lockdown?
... SQL Enterprise Manager? ... I wonder if I need to somehow create accounts in each SQL DB to allow ... Heres the strange bit - I have full access but dev team are prompted to ... used by the web application for SQL database access. ...
(microsoft.public.security)
Re: testing vulnerable web application.
... You should be able to just open up your logs and look for things that are out of the ordinary. ... Keep your database and all but double check it to make sure there really aren't accounts and what not that should not be there. ... We assumed the attacker was using some sort of SQL injection to alter the DB records or possibly he can craft a SQL query in a way that will create an admin account to use to simply log in and alter the records and then delete his username...NO rogue admin accounts have ever been found. ... You have an option to go with a managed service or an enterprise software. ...
(Pen-Test)