The Voice of the DBA An Administrative Security Hole?

MEVIOtoday

Feb 08, 2010 An Administrative Security Hole?

Someone posted a note recently that they had removed the BUILTIN/Administrators from SQL Server and then couldn't log in anymore. If this happens in Windows, and you lose the admin password, you're re-installing. I thought that would be the case in SQL Server. If you don't have a Windows login with sysadmin rights and you don't know the SA password (or you're in Windows mode), then you need to reinstall, right?

Apparently not. There's a back door in that you can start SQL Server in single user mode, and if you are an administrator, you can connect and you'll be a sysadmin. You can then fix your mistake and go happily on your way. That's pretty cool, and it's a good thing, right?

Read the rest of An Administrative Security Hole? at SQLServerCentral.