Category: C&P

Recover a lost SA password

This article is taken from https://www.sqlshack.com/recover-lost-sa-password/

You configured a new SQL Server instance and lost or forgot the “sa” password

  • All the users who are part of sysadmin server level role are removed accidentally
  • All the users who are part of sysadmin server level role are disabled accidentally
  • Lost sysadmin access to the SQL Server instance

Consider this scenario:

Initially, I was a member of the [BUILTIN\Administrators] group. To illustrate this scenario, I connected to SQL Server using Windows authentication and I deleted all the logins in the SQL Server instance. Please refer to the below image that shows all the logins that were deleted and the login “sa” is disabled.

recover SA password by starting SQL Server in single user mode

I closed the connection and tried to connect the SQL Server instance using the same account which I used earlier. I am unable to log in as I deleted all the logins and the group [BUILTIN\Administrators] from which I gained access earlier. Please refer to the below image that shows login failure error.

login failed.

Now, I’ve lost access to the SQL Server instance. I do not have any login that can connect to the SQL Server instance. I do not know the “sa” login password or even if the “sa” login is disabled.

In this situation, to gain access to your databases, we can re-install the SQL Server instance and attach the databases. This process may take more time and effort.

To gain access to the SQL Server instance back or recover SA password, please follow the below steps.

Start SQL Server in single user mode

We need to start SQL Server in single user mode by adding the parameter -m or –f in the startup parameters. Open SQL Server configuration manager and select the service of SQL Server instance. Right-click and click on the Properties option.

start up parameters to run SQL Server in single user mode

After adding the startup parameter, click on the Apply button and then the OK button in the warning message window.

Restart the SQL Server service to start SQL Server in single user mode. When the SQL Server is started in single user mode, all the users who are a member of the host’s local administrator group can connect to SQL Server instance and they will gain the privileges of server level role sysadmin which helps us to recover SA password.

So, if you are a member of the local administrator group, you can connect to SQL Server instance using SQLCMD or SQL Server Management Studio. In this case, I am using SQLCMD.

Launch the Command Prompt and connect to SQL Server using SQLCMD. You would be able to successfully connect to the SQL Server instance.

connect SQL Server using SQLCMD

Now, if you know the password of “sa” login, just enable the “sa” login and start SQL Server in multi-user mode, connect to SQL Server instance using “sa” login and create whatever logins you need for your application to run.

Please refer to the below T-SQL script to enable “sa” login.

ALTER LOGIN sa enableGO
connect to SQL Server in single user mode to recover SA password

If you do not know the “sa” login password, create a SQL server login using the below T-SQL script.

CREATE LOGIN NewSA WITH PASSWORD = ‘Password@1234’;

Add the login NewSA to the server level role sysadmin. Please use the following T-SQL script to add the SQL Server login to the server level role sysadmin.

ALTER SERVER ROLE sysadmin ADD MEMBER NewSA GO
create sql server logins

Remove the startup parameter -m or -f that is added and restart the SQL Server services. Now, SQL Server instance is started in the multi-user mode and has the login that you created above. Please refer to the below image that shows the connection is established using NewSA login which is created above.

recover SA password

In some cases, you may have not enabled mixed-mode authentication (i.e. SQL Server and Windows authentication mode). In this situation even though we create a SQL Server login, it does not allow us to log in to SQL Server and throws login failed error.

Create a login from Windows account. Execute the following T-SQL script to create a Windows authentication login in SQL Server.

CREATE LOGIN [WIN-UA7IGFIKF25\rangach] FROM WINDOWSGO

Execute the following T-SQL script to add Windows authentication login to server level role sysadmin:

ALTER SERVER ROLE sysadmin ADD MEMBER [WIN-UA7IGFIKF25\rangach]GO

Replace the computer name and the login name with yours.

connect to SQL Server in single user mode from windows authentication

Remove the startup parameter and restart the SQL Server service. Log in to the computer with the same user as above.

Open SQL Server Management Studio and connect to the SQL Server instance using Windows authentication.

Recover SA password.connect SQL Server using windows authentication.

In case you want to create a login from Windows group, execute the following T-SQL script.

CREATE LOGIN [BUILTIN\Administrators] FROM WINDOWS
GO
ALTER SERVER ROLE sysadmin ADD MEMBER [BUILTIN\Administrators]
GO

Linux – Unable to execute basic Bash command

Essential Commands Not Found:

  • The ls command is missing, which is a basic utility in Unix-like systems.
  • The nautilus command is also not found, and attempting to install it resulted in further issues.

Shell Problem:

  • When attempting to switch to csh (C shell), the command is also unavailable.
  • This indicates that the shell environment is not properly configured or essential packages are missing.

General Package/System Issues:

  • The server might be in a minimal installation state or lacks critical tools and utilities.
  • It’s possible that the PATH environment variable is misconfigured, leading to the inability to locate standard system commands.

Dependency or Corruption:

  • If the server was recently updated or reconfigured, there may have been issues with the package manager or repository settings, leading to missing binaries.

Solution

Check PATH:

  • Run echo $PATH to verify if the environment paths are set correctly.
  • Typically, it should include paths like /bin, /usr/bin, /sbin, /usr/sbin.
  • nano ~/.bashrc
  • export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
  • source ~/.bashrc

Reinstall Core Utilities:

  • Try running sudo yum groupinstall "Development Tools" or sudo dnf groupinstall "Development Tools" to restore essential utilities, assuming it’s Red Hat-based.

Ensure Package Manager Functionality:

  • Test if the package manager works: sudo yum update or sudo dnf update
  • If it fails, check for repository issues.

Inspect Shell Configuration:

  • Review the default shell configuration in /etc/passwd for the user rakesh.
  • Revert to bash or another functioning chsh -s /bin/bash username

Check System State:

  • Verify the integrity of installed packages sudo rpm --verify -a
  • Inspect system logs for errors: journalctl -xe

Reset a lost admin password in Ubuntu

Prerequisites

  • You have physical access to the machine or virtual console if using a virtual server.
  • The system is running Ubuntu or a similar Linux distribution.

Step 1: Reboot the System and Access GRUB

  • Restart your machine and hold down the Shift key as it boots up. This will bring up the GRUB bootloader menu. If GRUB doesn’t appear, it may be hidden by default, so make sure to press the Shift key early during the boot sequence.

Step 2: Enter Recovery Mode

  • In the GRUB menu, use the arrow keys to highlight the Ubuntu boot option.
  • Press e to edit the selected boot entry.
  • Find the line that begins with linux and ends with ro quiet splash. Continue the line with:
rw init=/bin/bash

This modification will boot the system with read/write permissions and open a Bash shell.

Step 3: Boot into Root Shell

  • After editing the GRUB entry, press Ctrl + X or F10 to boot with the modified settings. This will boot into a root shell without asking for a password.

Step 4: Reset the Admin Password

  • At the root prompt, type the following command to reset the admin password (replace username with your actual admin username):

passwd username

  • You will be prompted to enter a new password. Type the new password and confirm it when asked.

Important Note: Ensure the password meets the system’s complexity requirements (e.g., minimum length, special characters).

Step 5: Remount the Filesystem as Read-Only

  • Before rebooting the system, remount the filesystem as read-only to avoid filesystem corruption. Run the following command:

mount -o remount,ro /

Step 6: Reboot the System

  • Now reboot the system by typing:

reboot

Your system will restart, and you should now be able to log in with the newly reset admin password.
If you are unable to reboot, can just reset the system.