Suppose a SQL Server instance only allows " SQL Authentication " mode to log into the database, and the bad thing is that you forget the password for sa (sa should be disabled for security reasons, this is just to describe the problem) or other login with sysadmin role password? I personally encountered such a case. A colleague from HK installed a SQL Server database for testing on a test server, and then the colleague did not hand over any information on the test server before leaving. That's trouble now. I don't have any permissions, how can I get sysadmin permissions? Or there are many scenarios that require you to obtain the sysadmin privilege of the database. For example, you want to do something bad.... In fact, this problem is not difficult, as long as you have the system administrator privilege of the SQL Server database.
First of all, let me explain that the following script has been tested in the SQL Server 2012 and 2014 environment. Let's take a look at how to obtain the sysamdin permission of the database with only the administrator permission of the operating system.
In fact, before elaborating on this issue, it may be necessary to talk about the account ([builtin\administrators]). In the SQL Server 2005 version, the [builtin\administrators] login name in the database has the sysadmin role by default, so if it is SQL Server 2005 Database, as long as you have the administrator privileges of the operating system, then you can actually log in to the database with Windows authentication (provided that the server allows Windows authentication login), you can modify the sa account password after logging in, but it will be removed in subsequent versions. Built-in system account ([builtin\administrators]). So how does the usual way to do it?
In fact, as long as you have administrator rights of the operating system, then with the help of the sqlcmd tool, it is very easy and simple to obtain an account with the sysadmin role.
C:\>
C:\>
C:\>sqlcmd -E
1> ALTER LOGIN sa WITH PASSWORD='qWeR123456';
2> GO
1>
The parameter -E means that [-E trusted connection] is -E by default. As shown above, go in and change the password of sa, and then log in to test to find that sa is disabled. Use the SQL statement to allow sa to log in. As follows:
Of course, you can also create an account to grant the sysadmin role. No problem at all.
C:\>sqlcmd -E
1> CREATE LOGIN [xxx\xxx] FROM WINDOWS WITH DEFAULT_DATABASE=[master], DEFAULT_LANGUAGE=[us_english]
2> GO
1> ALTER SERVER ROLE [sysadmin] ADD MEMBER [xxx\xxx]
2> GO
Or SQL authentication account
C:\>sqlcmd -E
1> CREATE LOGIN [test1] WITH PASSWORD=N'Qw123456', DEFAULT_DATABASE=[master], DE
FAULT_LANGUAGE=[us_english], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF
2> GO
1>
2>
3> ALTER SERVER ROLE [sysadmin] ADD MEMBER [test1]
4> GO
1>
There are also related articles on the Internet that introduce how to obtain or modify the sa account. There is a lot of trouble: "You need to close the database, and then start the SQL Server database in single-user mode " . In fact, it is not necessary at all, it is simple to deal with.