Thursday, February 3, 2011

SQL server silent install with weak password

Hi.
For the setup of an application i wanted to do a silent install of sql server. For backward compatibility the server needs a weak sa password. I know that sa should not be used and i know that it should not have a weak password, but I'm not responsible for this and I can't change this part.

When trying to do a silent install with SAPWD="ThePassword" i get an error, that the password does not match the password policies. Is there any way to force the weak password in silent installation?

Thanks for help.

From serverfault Marks

  • You could try this:

    • Run secpol.msc on the server before installation.

    • Go to account policies -> password policy

    Go to account policies - password policy

    • Disable "Password must meet complexity requirements" and give it another go
    Marks : I wanted a silent install(It's included in an installer). Therefore a user interaction is not possible. But thanks for the tip.
    Scoregraphic : I thought it would be ok to set this option before running the installer. Maybe you can set this option by using `secedit` (http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/secedit_cmds.mspx?mfr=true)
    MarkM : Correct me if I'm mistaken, but I don't believe the SA account, or any other SQL (non-Windows) accounts respect this policy.
    Scoregraphic : The password policy is global and respected by SQL Server. See also http://www.mssqltips.com/tip.asp?tip=1088 and http://blogs.msdn.com/b/sqlsecurity/archive/2009/03/25/enforce-password-policy-on-sql-server-logins.aspx
    From Scoregraphic

  • As score already pointed out, you need to change the security policies to do this. If there would be a way to install something that breaks a company policy without disabling the said policy, that would be technically a 'vulnerability' and the operation would be called an 'exploit'.

    Now you have two options:

    • change the company policy to allow the application.
    • obey the company policies and don't allow the application.

    Is really simple as this...

    From Remus Rusanu

  • Try using command prompt.

    Osql –S yourservername –E

    1> EXEC sp_password NULL, 'yourpassword', 'sa'

    2> GO

    This article is given 4 methods to change sql server password, that could be helpful.

    From
Posted by Mu Cat at 8:50 AM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)