Changing Passwords

  • Comments posted to this topic are about the item Changing Passwords

  • Nice, easy question to start the day on, thanks Steve

    ____________________________________________
    Space, the final frontier? not any more...
    All limits henceforth are self-imposed.
    “libera tute vulgaris ex”

  • Stewart "Arturius" Campbell - Wednesday, February 15, 2017 10:57 PM

    Nice, easy question to start the day on, thanks Steve

    Heh, apparently not quite that easy judging from the number of incorrect answers at this point. But it was new stuff to me so I researched before answering. Nice to learn something new.

  • I found I was confused as to what this question meant. 
    The thing that threw me was "the password on a linked server" - does that mean a linked server set up so that there is only one password, "the password"?   I hope I'm changing a password for an individual, rather that for the world and all its dogs If I let the world and all its dogs share the same password (which seems crazy to me!) I probably get fired for not carryig out my responsability to ensure decent security and attributability of changes, because it's totally against any sane security rules, any certainly precluses any meaningful audit of remote server access.  So I would expect to drop and recreate NOT the linked server but an individual mapping, and I would do it by calling sp_droplinkedsrvlogin and them sp_addlinkedsrvlogin, but that isn't one of the options in the QotD.  Besides, if the linked server is in the same domain as the client and windows authentication is used, logins ought to be by windows authentication so the useselt paramater was "true" when the connection was set up and to change the password I have to change that usesr's password in the domain in which he is registered - and exactly the same applies if cross-domain trusts at windows level are used to enable needful users to access stuff on other domains within the same enterprise.
    So I ended up asking myself "is this really a question about how to do something which is bad security practice or have I misunderstood it altogether?"  and using a randomising method to choose betweenwhat I think are  two wrong (from a security point of view) answers (options 1 and 4) because they were the only answers which didn't involve using non-existent T-SQL commands.

    Tom

  • I thought it was simple, but I have a number of linked servers.  However, one of the answers did make me pause and think for a moment because I started to question what I thought I knew.  At least I still know what I thought I knew and it hasn't changed.

  • Not terribly hard - even for somebody who hates to see these ^#@%@$ things in the environment.

    Jason...AKA CirqueDeSQLeil
    _______________________________________________
    I have given a name to my pain...MCM SQL Server, MVP
    SQL RNNR
    Posting Performance Based Questions - Gail Shaw[/url]
    Learn Extended Events

Viewing 6 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic. Login to reply