Hi, I'm migrating a database to SQL Server 2012, and I have a problem.
Let me start by saying the application (ISV) has horrible security! So try not to cringe too much.
- The app logs in with sa authentication.
- The sa password is hard-coded into the app.
So the sa password on the 2012 instance must match the app login. However, it does not meet the 2012 password requirements.
Is there a way to override this functionality?
- (3) The correct response is to fix the app. If it is a commercial app that you have bought, then request that the vendor fix it. If they won't, then change to another app; any app doing this is so full of security holes and so unprofessionally designed that I would not consider risking my company information by using it. – HLGEM, commented Oct 9, 2012 at 17:48
2 Answers
Try
```sql
ALTER LOGIN sa
WITH PASSWORD = 'password',
CHECK_POLICY = OFF;
```
(I feel dirty now)
In order to mitigate some of the potential horrors this allows, I'd recommend renaming the built-in sa account to something else, then creating a new login called sa with the rights the app actually requires.
- (3) You should feel dirty now. – mrdenny, commented Oct 9, 2012 at 17:21
- Useful when working in development environments. – forresthopkinsa, commented Feb 1, 2018 at 23:52
- I can only give you one +1 for this. For sharing your feelings I'd give another X-D – gorefest, commented Jun 24, 2022 at 15:07
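The rename-and-replace mitigation suggested in the answer above, written out as an added T-SQL example (not code from the original answer or its commenters). The names `sa_builtin`, `AppDb`, `sa_app`, the password placeholder, and the two database roles are assumptions; grant whatever the application actually needs.

```sql
-- Added example. sa_builtin, AppDb, sa_app and the password are placeholders.
USE master;
GO

-- 1. Free up the name "sa" by renaming the built-in login.
--    The built-in login keeps SID 0x01 and its sysadmin membership
--    under the new name, so give it a strong password that the policy accepts.
ALTER LOGIN sa WITH NAME = [sa_builtin];
GO

-- 2. Create an ordinary SQL login that merely happens to be called "sa".
--    CHECK_POLICY = OFF is needed only because the hard-coded password
--    fails the Windows password policy; this login has no server roles.
CREATE LOGIN sa
    WITH PASSWORD = '<password-hard-coded-in-app>',
         CHECK_POLICY = OFF,
         DEFAULT_DATABASE = AppDb;
GO

-- 3. Map the new login into the application database only and grant
--    the rights the app requires (read/write is assumed here).
USE AppDb;
GO
CREATE USER sa_app FOR LOGIN sa;
ALTER ROLE db_datareader ADD MEMBER sa_app;
ALTER ROLE db_datawriter ADD MEMBER sa_app;
GO

-- 4. Verify: list the built-in login (SID 0x01) and every SQL login
--    that bypasses the password policy, with its sysadmin status.
--    The new "sa" should show is_sysadmin = 0.
SELECT name,
       sid,
       is_disabled,
       is_policy_checked,
       is_expiration_checked,
       IS_SRVROLEMEMBER('sysadmin', name) AS is_sysadmin
FROM sys.sql_logins
WHERE is_policy_checked = 0
   OR sid = 0x01;
```

The query in step 4 is also worth running periodically: any row with `is_policy_checked = 0` and `is_sysadmin = 1` is a login that combines a policy-exempt password with full server control.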
I agree with HLGEM. They must change the login account to another one (even if it needs sysadmin or, less problematic, dbowner privileges at first).
Otherwise, you can change the sa password in SSMS or by using ALTER LOGIN (see podiluska's answer).
PS.: Yes, I feel dirty (2). ;-)