I would like to learn how to use SQL Server. My school offers the software as part of its enrollment package so I decided to download it and try installing it. Unfortunately, I get stuck at the following installation screen:
No matter what name and password I enter for any of the fields, it comes back telling me that these are invalid. Where and how do I get valid login credentials? Am I supposed to register somewhere somehow?
Any help appreciated! Thank you!
Since this is a local install you can leave it at the default one's OR create a local user account on your box and give it those to use.
If you use the default one's you don't supply them passwords.
The various machine accounts like NT AUTHORITY\NETWORK SERVICE and NT AUTHORITY\SYSTEM do not require you to enter a password, and you shouldn't try to. They already have a preconfigured password which you don't have access to. This is why the password field is disabled in your image.
Leave those accounts set the way they are, and continue with your install. If it refuses to allow you continue, then you have either changed something, or there is something else wrong (not the passwords).
Related
I can't change the username in the SQL Server Management Studio. It's pointing automatically to my last used username and disabled. Any help would be appreciated
No, you can't change the user name when you select 'Windows Authentication'. It always defaults to the currently logged in user or the security context of the user under which the program is executed.
So, if you want to use another user credential then use the 'Run As different User' option when opening the SSMS. If you right click on the SSMS shortcut you will get this option.
It's pointing automatically to my last used username and disabled. Any help would be appreciated
There is nothing wrong in that, as mentioned in comments, you could only change the user when you change authentication type to SQL Server authentication. If you insist to change the user in Windows Authentication, hold the Shift (in your keyboard) and right-click on SSMS (shortcut), then choose Run as different user
I have a password protected PostgreSQL database (running on windows) which has been accessed by an unauthorized person several times using this simple trick as described here:
Stopping PostgreSQL Windows service
Changing md5 to trust in pg_hba.conf file
Starting Windows service
Accessing database via pgAdmin without a need of password
Is there any way to block this mechanism? I've been thinking about multiple windows users (there's only one administrator account on the machine right now) with limited file change privileges, but I am worried about database functionality and I would prefer a little bit more straight-forward solution.
UPDATE
Thank you all for your responses, they were all very helpful.
It's obvious to me now the user accounts are the way - probably the only right way at all.
Indeed the way to solve the problem is not by looking into PostgreSQL, but by looking into your Windows security. Once someone gains administrator privileges, there is nothing which stops the person from changing anything - this includes your PostgreSQL settings. Even if you set a database password and set proper permissions for the pg_hba.conf file, the unauthorized person can still change the permissions back, or start the database in single user mode (no password required) and modify the passwords.
Create separate Windows user accounts, protect the Admin with a password, and stop using the Admin account for day-to-day work.
Perhaps change all your users to limited. Create a user called postgres thats also limited and set it so that that its the only user that can read/write its own files. You will have your administrator account, that still can do whatever you want to do. Now run the postgres service as the user postgres and youre done.
... and stop giving people your admin password -- you should be fine ;)
I have created a new SQL Server on Azure, and am trying to sign into their web based Management area.
What credentials do I need to provide?
I created the Database using the Quick Create wizard, and was never asked for a password.
I have tried my Windows Live username and password, this doesn't work. I have also tried the username specified in the connection string you get from Azure with and without the #foo you get afterwards, along with my Live ID password, neither of these work either.
I can't see anything in the portal providing a password.
Am I missing something?
Go to the DB tab and select the DB server that was auto-created. Will have some random letters and numbers as a name.
On the dashboard of the server you should be able to reset the administrator password. On that page it should also give you the administrator login username.
Hope that helps,
Henry
edit: one other thing, you need to add your IP address as a management address. You can do this by going to the DB tab and clicking MANAGE at the bottom, should prompt you to add your IP to the firewall
Ok so I have no idea about the database created by the wizard, but if you go through the 'Custom Create' route on Azure, you have the opportunity to supply your own Username and Password, and these do work.
The title says it pretty well: I can access my SQL Server from the internet, and my users are configured with strong passwords to access only their respective DBs.
But I receive 10000+ login attacks by day with the user "sa".
I don't need "sa" remote access, how to disable it, and only it?
Thank you!
Security practices by Microsoft and industry state if use SQL authentication to rename the sa account and disable it. There is really no reason to use that account explicity for an application or admin account. Most companies require tracability when it comes to security and use of the sa account in SQL server does not allow for that.
Even if you disable or rename it you will still see attacks coming in for that account, it comes with the territory. The same thing occurs with the default login Oracle has in their product. Script kiddies and other hacking programs are just programmed to check for those type of accounts.
A better option might be to report where the attacks are coming from on the network side to your network team or ISP. They will be able to better handle that to block that traffic through the network layer. Just my opinion.
Perhaps this might help: in conjunction with this:
As far as i know SQL Server lets you diable single sql server logins, but that means the login is disabled in general, regardless of the machine the user is trying to connect from. So you either disable "sa" in general or you'll have give the login a really strong password. You might be able to emulate the desired behavior by using a logon trigger, that checks where the user connects from, if the user is "sa", but i think that's not a viable solution for you, since you seem to be wanting to get rid of the many connection attempts from attacks. In any case, you might want to remove "sa" from the server role "sysadmin" to guard against a potentially successful login attemt.
An advantage by using Windows Authentication is that I do not need to provide a username and password to log into the server as the user currently logged into Windows. But in a specific case I would like to log into the SQL Server as another user, using the same Windows Authenticated ODBC connection.
So, the question: Is it possible to log into an SQL Server using Windows Authentication, but not as the user currently logged into Windows (without a dialog asking for username and password)?
The simple answer to your question is no, without a dialog being presented, it's not possible to login to SQL Server using another Windows account.
The slightly more complex answer is; You can login as another user (WITH a dialog being presented) by right-clicking the Query Analyser icon and choosing "Run As" (Might require a CTRL or SHIFT key held down to make RUN AS appear.
There's also the RUNAS command line executable which you could look at, so you could create a shortcut that contains the RUNAS command, the credentials and the path to Query Analyser. That would eliminate being asked for a username or password on execution.
No matter what, if you are not using the credentials of the logged in user, you will need to pass other credentials--short of asking for them directly, the only other option is to store them..
And once you are doing that, it may be worth considering mixed-mode authentication and use SQL login/pw for this specific situation.
Runas does not let you provide a password on the command line and will produce a popup to gather it. A little searching let me to an artical on technet that may help out while not it's intended use..
http://technet.microsoft.com/en-us/library/bb727155.aspx
http://blogs.msdn.com/oldnewthing/archive/2004/11/29/271551.aspx