Alan's Blog

"Yeah. I wrote a script that will do that."

Menu
  • About My Blog
Menu

Script to change SA password

Posted on April 16, 2008April 26, 2009 by Alan

‘Alan Kaplan for VA VISN 6
’11-16-06
‘This script changes the SA account password on a SQL Database
‘I use the excellent freeware program SQLRecon to get this information,
‘http://www.specialopssecurity.com/labs/sqlrecon/

Option Explicit
Const adOpenStatic = 3
Const adLockOptimistic = 3
Dim sqlRS, strDBServer
Set sqlRS = CreateObject(“ADODB.Recordset”)
Dim message, strPW

Dim oCP,oService,strServiceState, strStartType

Dim WshShell
Set wshShell = WScript.CreateObject(“WScript.Shell”)
strDBServer = wshShell.ExpandEnvironmentStrings(“%COMPUTERNAME%”)


message = “This will set the SA password on a SQL server where the password ” & _
“is currently blank (or forgotten).  ” & VbCrLf & VbCrLf & _
“Integrated authentication must be enabled on the DB ” & _
“for this to work. It is possible (though not likely) that changing the ” & _
“SA password could break an application. Proceed with care! ” & VbCrLf & VbCrLf  & _
“Enter the name of a SQL Database server: “
strDBServer=InputBox(message,”SQL Server Name”,strDBServer)
If strDBServer = “” Then WScript.Quit
strDBServer = UCase(strDBServer) 

GetPW

‘These lines double the length of the password generated by GetPW
Dim strPW1
strPw1 = strPW
GetPW
strPW = strPW1 & StrReverse(strPW)

message = “Enter a complex password, or use this randomly generated one. (CTRL-C to copy to clipboard)”
strPW=InputBox(message,”Password”,strPW)
If strPW = “” Then WScript.Quit

ServiceConnect “MSSQLServer”, “MS SQL Server Service” ‘Double check that you can check service state

If oService.status <> 4 Then ‘make sure SQL is running
 MsgBox “SQL Service not running on ”  & strDBServer,vbcritical + vbokonly,”Error”
  WScript.Quit 100
End If
 
ChangePW
Wscript.Quit(0)  ‘Script ends

‘============= functions and Sub ==================
Sub ChangePW()
 Dim oSQLConn
 Dim message
 Dim strsql
 On Error Resume Next
 Set oSQLConn = CreateObject(“ADODB.Connection”)
 
 ‘Connect to SQL Database
 oSQLConn.Open _
     “Provider = SQLOLEDB;” &_
     “Data Source =” & strDBServer & “;”&_
     “Initial Catalog=master;” & _
     “INTEGRATED SECURITY=sspi;”

 strsql = “EXEC sp_password NULL,'”& strPW &”‘,’SA'”
 sqlRS.Open strSql, oSQLConn, adOpenStatic, adLockOptimistic

 If Err <> 0 Then
  MsgBox “Failed to change SA Password on ” & strDBServer & _
   “. Error Message: ” &  Err.Description, vbCritical + vbOKOnly, strDBServer  
 Else
  MsgBox “Changed SA Password on ” & strDBServer & _
   ” to: ” & strPW, vbInformation + vbOKOnly, strDBServer
 End If
 
 sqlRS.Close
 oSQLConn.Close
 On Error GoTo 0
End Sub

sub GetPW() ‘a mostly random password generator
 Dim lranval
 dim fso ,tname, wd
 dim lRVal,spchar,strlc,lchar
 
 ‘get randomly generated directoryname in format rad*.tmp
 Set fso = CreateObject(“Scripting.FileSystemObject”)
 tname = fso.GetTempName
 
 ‘select a special character
 dim aSpecial
 aSpecial = array(“!”,”@”,”!”,”#”,”*”,”?”,”$”,”~”)
 lranval = randbetween(0,7)
 spchar = aSpecial(lranval)
 
 ‘select a lower case middle char
 lranval = randBetween(97,122)   ‘ Generate random value from lower case ASCII table.
 lchar = Chr(lranval)
 
 ‘get random initial digits and concatenate with above
 lranval = randbetween(1,99)
 strPW = Replace(tname, “.tmp”, spchar)
 strPW = Replace(strPW, “rad”, lchar & lranval)
 strPW = Replace(strPW,”0″,”9″) ‘get rid of confusing characters
 strPW = Replace(strPW,”O”,”o”)
End Sub

Function RandBetween(min,max)
 Randomize   ‘ Initialize random-number generator.
 RandBetween = min + Int(Rnd*(max – min + 1))
End Function

Sub ServiceConnect (strRService, strDisplayName)
 Dim strErr
 On Error Resume Next
 WshShell.Popup “Connecting to ” & strDisplayName & ” on ” & strDBServer ,2,”Connecting”
 Set oCP = GetObject(“WinNT://” & strDBServer & “,computer”)
 Set oService = oCP.GetObject(“Service”, strRService)
 If Err.Number = 424 Then strErr = ” Could not reach server”
 If Err.Number <> 0 Then
  MsgBox “Failed to connect to SQL Server on ”  & strDBServer & _
    “.” &  strErr, vbCritical + vbokonly,”Error”
  WScript.Quit 100
 End If
 On Error GoTo 0
End Sub

Leave a Reply

You must be logged in to post a comment.

Search

Please Note

All the scripts are saved as .txt files. Newer files have a “View Script” button which will let you save or open a script in notepad. For earlier posts, the easiest way to download with IE is to right click on the link and use “Save Target As”. Rename file from Name_ext.txt to Name.ext.

To see a full post after searching, please click on the title.

PowerShell Scripts were written with version 3 or later.

https connections are supported.

All new users accounts must be approved, as are comments. Please be patient.  If you find a post error or a script which doesn’t work as expected, I appreciate being notified.  My email is my first name at the domain name, and you are welcome to contact me that way.

Tags

1E ACLS Active Directory ActiveDirectory ADSI Advanced Functions Audit Change Administrator Password COMObject Computer Groups DateTime Desktop DNS Excel FileScriptingObject Forms General GPO GPS Group Policy Hacks ISE Lockout logons NAV740 Nessus OU OU permissions Outlook Pick Folder Power PowerShell Powershell Scriptlets RDP SCCM schedule reboot Scripting Security Shell.Application user information VBA Windows Update WMI WordPress WPF

Categories

akaplan.com

  • Back to Home Page

Archives

Scripting Sites

  • A Big Pile of Small Things
  • Adam, the Automator
  • Art of the DBA
  • Ashley McGlone
  • Boe Prox
  • Carlo Mancini
  • DexterPOSH
  • Doug Finke
  • Jaap Brasser's Blog
  • JeffOps The Scripting Dutchman
  • Jonathan Medd's Blog
  • Keith Hill's Blog
  • LazyWinAdmin
  • Nana Lakshmanan
  • PowerShell Magazine
  • PowerShell Team Blog
  • PowerShell.org
  • PwrShell.net
  • Richard Siddaway's Blog
  • Ryan Yates' Blog
  • Skatterbrainz
  • The Lonely Administrator

SQL Site

  • Art of the DBA

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org
©2025 Alan's Blog | Theme by SuperbThemes

Terms and Conditions - Privacy Policy