Impact of changing sa password in SQL Server 2000 | SQL Server Performance Forums

SQL Server Performance Forum – Threads Archive

Impact of changing sa password in SQL Server 2000

Anybody knows the impact of changing sa password in SQl Server 2000 ?
Please reply.
There should be no impact because it shouldn’t be used. You need to figure out what’s using it though before you change it, so you know this for certain. Run profiler or a trace and check all sa logins. Make sure there is no activity. After you change it, run Profiler or a trace to check for failed logins. You should be running this anyway for security reasons.<br /><br />Also, make sure you don’t have any linked servers using sa. When you change it this time, change it to something long and cryptic, then never use it for anything ever again. [<img src=’/community/emoticons/emotion-1.gif’ alt=’:)‘ />]<br /><br /><br /><br />MeanOldDBA<br />[email protected]<br /><br />When life gives you a lemon, fire the DBA.
It is entire depends on how you have implemeneted your functionalities.
For example if you used sa for DTS packages, then changing sa password will be effeted to running of the DTS.
Before changing the password, verify all the places you have used the sa and it’s pasword. then proceed with the changing
quote:Originally posted by try mafat Anybody knows the impact of changing sa password in SQl Server 2000 ?
Please reply.

ENsure the application is not using the SA login to perform the activities. Satya SKJ
This posting is provided “AS IS” with no rights for the sake of knowledge sharing.
i feel changing sa password can impact all those activities dependent on sa login like ur client application or ur scheduled packages and other servers where it is linked and other replication task if any. by changing the password u need to change all those activities if its possible then its not going to create issues anymore.
Thank you all for quick reply. What if I have created all login accounts, tables and SPs under sa
account will that work or not. Thanks once again.
No, only if a user or a client application tries to connect to the database using "sa" as the login name, then the correct password must be used. A password is only required for logging on to the database, not for accessing any objects once the connection is established. For accessing any database object, the login must have permissions on that object. These permissions can be granted directly to the login, or to a database role or a server role. A login that is a member of a database role or a server role has all permissions that have been granted to the role. A login can be a member of multiple roles. Permissions can also be denied. When a specific permission is denied for the login itself or for one of the roles to which the login belongs, then it does not matter if the same permission is granted for the login or for one of its roles: the denial overrules any grant. Finally, a permission can also be neither granted nor denied to a given login or a given role. This allows you to stack and subdivide permissions more easily.