I am currently using SQL Server Management Studio to update my sa password of my local database.
I went into the database and under security I Choose 'sa' and right clicked the 'Properties'. I then update the password and click on OK button to close the Properties window.
I disconnected the database and reconnected to it with username:sa and the changed password but I can't login to the database with sa
In order to change user's password you need to go to the Security node placed at the root of the object explorer. You do not need to go to the Security node, under your database's node.
Pinal has a post about changing the user's password. you can refer to it:
https://blog.sqlauthority.com/2007/12/29/sql-server-change-password-of-sa-login-using-management-studio/
Make sure to restart the SQL Server and all its services and test new
password by log into system using SA login and new password.
You can also change the password using following script:
USE [master]
GO
ALTER LOGIN [sa]
WITH CHECK_EXPIRATION=OFF, -- Password will never expired
CHECK_POLICY=OFF -- Password do not need to meet the password complexity policy
GO
USE [master]
GO
ALTER LOGIN [sa] WITH PASSWORD=N'123'
GO
Related
I'm trying to create a user in SQL Server. I can create the user fine and then I grant that user some privileges. Here is the code:
CREATE LOGIN TestLogin WITH password='abc';
-- Now add user to database
USE TestDB;
CREATE USER TestUser FOR LOGIN TestLogin;
GO
use [TestDB]
GO
GRANT INSERT TO [TestUser]
GO
use [TestDB]
GO
GRANT SELECT TO [TestUser]
GO
use [TestDB]
GO
GRANT UPDATE TO [TestUser]
GO
use [TestDB]
GO
DENY DELETE TO [TestUser]
GO
After this I want to use this user in my web.config file.
<add name="DBConnectionString"
connectionString="Server=tcp:abc.database.windows.net;Database=TestDB;User ID=TestLogin;Password=abc;Trusted_Connection=False;Encrypt=True;MultipleActiveResultSets=True;"
providerName="System.Data.SqlClient" />
My question is: in the web.config file I have to use the LOGIN user. When I apply migrations, I don't want to run any DELETE statements so I created a USER and denied him the access. Can I use this user in the web.config file?
My goal is that when migrations are applied I don't want to execute DELETE. Will my approach work or what should I change?
You created a server level principal (the Login), and then created a database level principal (the user) and modified it's permissions; if you aren't familiar with the difference, here was a question on that.
In your example, you mapped TestLogin -> TestUser on TestDB; this means that TestLogin will have the permission level you assigned to TestUser since you're connecting to TestDB. (So YES you will have denied DELETE to the connection defined in the connection string.)
As for your question in the comments about your migration- when executed via this connection string, as far as my understanding goes, it should fail.
I'm new to SQL Server 2008. I just installed SQL Server Express. I'm having trouble creating a new database, and I think I don't have permission.
I login like this, please see this screenshot:
Then I tried to create a new database and I got this:
I tried to search for some solution and this what I've got:
http://blogs.msdn.com/b/sqlexpress/archive/2010/02/23/how-to-take-ownership-of-your-local-sql-server-2008-express.aspx
But I can't download the script and the page says:
An error occurred while processing your request.
Please help. Kind regards
I resolved my problem with the following steps:
Set the instance of the SQL Service to single-user mode:
Open SQL Server Configuration Manager. Double click SQL Server Services.
Stop all SQL Server services
Right click SQL service and click Properties, in the Advanced tab, look for 'Startup Parameters'
Insert '-m;' at the beginning of the Startup Parameters value
Start the SQL service
Open SQL Server Management Studio and login with Windows authentication, you can now add user or change password of different users.
Hope this helps!
Try logging in with the sa account and grant permissions to your Windows account.
If you do not know the sa password use sqlcmd and execute the following commands:
Use Master
Go
ALTER LOGIN [sa] WITH PASSWORD=N'NewPassword'
Go
Login with the sa account and GRANT permission to the account.
USE Master;
GRANT CREATE DATABASE TO Jommel;
I have a problem, I'm using windows 7 with MS SQL Server Management Studio Express 2005 although I've lost my administrator/ sa password. Is there a command I can use to reset the password, without the old one?
I can login using windows authenication.
many thanks,
James
Login to the SQL Server computer as the Administrator of that computer. Open Query Analyzer and connect to SQL Server using Windows NT authentication. Run sp_password as shown below to reset the sa password:
sp_password #new = 'will_never_forget_again', #loginame = 'sa'
EDIT:
This is unexpected, as you were able to get in to detach a db, so you must
have some privileges. The message you got:
... is a response to the sp_password command. So when you say you tried to
reconnect with 'sa', can you tell us how you did that?
Also, when using the SQLCMD tool, you have to type GO to execute a command:
SP_PASSWORD #NEW = 'my_password', #loginame = 'sa'
GO
Then you need to exit before you try to reconnect.
Try getting in again, and seeing who you are. So after connecting:
C:\sqlcmd -E -d master
Please run this:
SELECT suser_sname(), user_name()
GO
Also, run this after you obtain your user name and enter your new password per my original answer:
ALTER LOGIN sa ENABLE
GO
In the object explorer, go to Security-> Logins and click on preferences for the "sa"-account. There you can reset the password
Because you can login using your windows authentication then it's pretty easy.
what you need is just
login to your management studio,
on the tree view, expand "security" folder, and also expand the
"Logins" folder,
right click on "sa"
change the password. done
How can I create a SQL user in a SQL Server Express database that I added to my project?
I need to create a user to use in a connection string that doesn't use Integrated Security.
You would need to create a SQL Authenticated login first with CREATE LOGIN then add a user associated with that login to your database by using CREATE USER.
USE [master]
GO
CREATE LOGIN [JohnEgbert] WITH PASSWORD=N'YourPassword',
DEFAULT_DATABASE=[YourDB], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF
GO
USE [YourDB]
GO
CREATE USER [JohnEgbert] FOR LOGIN [JohnEgbert] WITH DEFAULT_SCHEMA=[dbo]
GO
If you create a SQL login and a SQL user without errors, but then get an error when trying to connect, you may have the SQL Authentication mode disabled. To check, run:
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly')
If this returns 1, then SQL Authentication (mixed mode) is disabled.
You can change this setting using SSMS, regedit, or T-SQL:
EXEC xp_instance_regwrite N'HKEY_LOCAL_MACHINE', N'Software\Microsoft\MSSQLServer\MSSQLServer', N'LoginMode', REG_DWORD, 2
Then restart the SQL Server service, and create a login and a user, here with full permissions:
CREATE LOGIN myusername WITH PASSWORD=N'mypassword',
DEFAULT_DATABASE=[master], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF
EXEC sp_addsrvrolemember 'myusername', 'sysadmin'
CREATE USER myusername FOR LOGIN myusername WITH DEFAULT_SCHEMA=[dbo]
I want to write a script to create a admin user ( with abcd password ) in SQL Server Express.
Also I want to assign this user admin full rights.
Based on your question, I think that you may be a bit confused about the difference between a User and a Login. A Login is an account on the SQL Server as a whole - someone who is able to log in to the server and who has a password. A User is a Login with access to a specific database.
Creating a Login is easy and must (obviously) be done before creating a User account for the login in a specific database:
CREATE LOGIN NewAdminName WITH PASSWORD = 'ABCD'
GO
Here is how you create a User with db_owner privileges using the Login you just declared:
Use YourDatabase;
GO
IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = N'NewAdminName')
BEGIN
CREATE USER [NewAdminName] FOR LOGIN [NewAdminName]
EXEC sp_addrolemember N'db_owner', N'NewAdminName'
END;
GO
Now, Logins are a bit more fluid than I make it seem above. For example, a Login account is automatically created (in most SQL Server installations) for the Windows Administrator account when the database is installed. In most situations, I just use that when I am administering a database (it has all privileges).
However, if you are going to be accessing the SQL Server from an application, then you will want to set the server up for "Mixed Mode" (both Windows and SQL logins) and create a Login as shown above. You'll then "GRANT" priviliges to that SQL Login based on what is needed for your app. See here for more information.
UPDATE: Aaron points out the use of the sp_addsrvrolemember to assign a prepared role to your login account. This is a good idea - faster and easier than manually granting privileges. If you google it you'll see plenty of links. However, you must still understand the distinction between a login and a user.
Full admin rights for the whole server, or a specific database? I think the others answered for a database, but for the server:
USE [master];
GO
CREATE LOGIN MyNewAdminUser
WITH PASSWORD = N'abcd',
CHECK_POLICY = OFF,
CHECK_EXPIRATION = OFF;
GO
EXEC sp_addsrvrolemember
#loginame = N'MyNewAdminUser',
#rolename = N'sysadmin';
You may need to leave off the CHECK_ parameters depending on what version of SQL Server Express you are using (it is almost always useful to include this information in your question).
You can use:
CREATE LOGIN <login name> WITH PASSWORD = '<password>' ; GO
To create the login (See here for more details).
Then you may need to use:
CREATE USER user_name
To create the user associated with the login for the specific database you want to grant them access too.
(See here for details)
You can also use:
GRANT permission [ ,...n ] ON SCHEMA :: schema_name
To set up the permissions for the schema's that you assigned the users to.
(See here for details)
Two other commands you might find useful are ALTER USER and ALTER LOGIN.
If you want to create a generic script you can do it with an Execute statement with a Replace with your username and database name
Declare #userName as varchar(50);
Declare #defaultDataBaseName as varchar(50);
Declare #LoginCreationScript as varchar(max);
Declare #UserCreationScript as varchar(max);
Declare #TempUserCreationScript as varchar(max);
set #defaultDataBaseName = 'data1';
set #userName = 'domain\userName';
set #LoginCreationScript ='CREATE LOGIN [{userName}]
FROM WINDOWS
WITH DEFAULT_DATABASE ={dataBaseName}'
set #UserCreationScript ='
USE {dataBaseName}
CREATE User [{userName}] for LOGIN [{userName}];
EXEC sp_addrolemember ''db_datareader'', ''{userName}'';
EXEC sp_addrolemember ''db_datawriter'', ''{userName}'';
Grant Execute on Schema :: dbo TO [{userName}];'
/*Login creation*/
set #LoginCreationScript=Replace(Replace(#LoginCreationScript, '{userName}', #userName), '{dataBaseName}', #defaultDataBaseName)
set #UserCreationScript =Replace(#UserCreationScript, '{userName}', #userName)
Execute(#LoginCreationScript)
/*User creation and role assignment*/
set #TempUserCreationScript =Replace(#UserCreationScript, '{dataBaseName}', #defaultDataBaseName)
Execute(#TempUserCreationScript)
set #TempUserCreationScript =Replace(#UserCreationScript, '{dataBaseName}', 'db2')
Execute(#TempUserCreationScript)
set #TempUserCreationScript =Replace(#UserCreationScript, '{dataBaseName}', 'db3')
Execute(#TempUserCreationScript)
CREATE LOGIN AdminLOGIN WITH PASSWORD = 'pass'
GO
Use MyDatabase;
GO
IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = N'AdminLOGIN')
BEGIN
CREATE USER [AdminLOGIN] FOR LOGIN [AdminLOGIN]
EXEC sp_addrolemember N'db_owner', N'AdminLOGIN'
EXEC master..sp_addsrvrolemember #loginame = N'adminlogin', #rolename = N'sysadmin'
END;
GO
this full help you for network using:
1- Right-click on SQL Server instance at root of Object Explorer, click on Properties
Select Security from the left pane.
2- Select the SQL Server and Windows Authentication mode radio button, and click OK.
3- Right-click on the SQL Server instance, select Restart (alternatively, open up Services and restart the SQL Server service).
4- Close sql server application and reopen it
5- open 'SQL Server Configuration Manager' and tcp enabled for network
6-Double-click the TCP/IP protocol, go to the IP Addresses tab and scroll down to the IPAll section.
7-Specify the 1433 in the TCP Port field (or another port if 1433 is used by another MSSQL Server) and press the OK
8-Open in Sql Server: Security And Login And Right Click on Login Name And Select Peroperties And Select Server Roles And
Checked The Sysadmin And Bulkadmin then Ok.
9-firewall: Open cmd as administrator and type:
netsh firewall set portopening protocol = TCP port = 1433 name = SQLPort mode = ENABLE scope = SUBNET profile = CURRENT
This past week I installed Microsoft SQL Server 2014 Developer Edition on my dev box, and immediately ran into a problem I had never seen before.
I’ve installed various versions of SQL Server countless times, and it is usually a painless procedure. Install the server, run the Management Console, it’s that simple. However, after completing this installation, when I tried to log in to the server using SSMS, I got an error like the one below:
SQL Server login error 18456
“Login failed for user… (Microsoft SQL Server, Error: 18456)”
I’m used to seeing this error if I typed the wrong password when logging in – but that’s only if I’m using mixed mode (Windows and SQL Authentication). In this case, the server was set up with Windows Authentication only, and the user account was my own. I’m still not sure why it didn’t add my user to the SYSADMIN role during setup; perhaps I missed a step and forgot to add it. At any rate, not all hope was lost.
The way to fix this, if you cannot log on with any other account to SQL Server, is to add your network login through a command line interface. For this to work, you need to be an Administrator on Windows for the PC that you’re logged onto.
Stop the MSSQL service.
Open a Command Prompt using Run As Administrator.
Change to the folder that holds the SQL Server EXE file; the default for SQL Server 2014 is “C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn”.
Run the following command: “sqlservr.exe –m”. This will start SQL Server in single-user mode.
While leaving this Command Prompt open, open another one, repeating steps 2 and 3.
In the second Command Prompt window, run “SQLCMD –S Server_Name\Instance_Name”
In this window, run the following lines, pressing Enter after each one:
1
CREATE LOGIN [domainName\loginName] FROM WINDOWS
2
GO
3
SP_ADDSRVROLEMEMBER 'LOGIN_NAME','SYSADMIN'
4
GO
Use CTRL+C to end both processes in the Command Prompt windows; you will be prompted to press Y to end the SQL Server process.
Restart the MSSQL service.
That’s it! You should now be able to log in using your network login.