To re-access SQL Server, you need to modify SQL Server 2000 and SQL Server 7.0 to determine the registry key value of the SQL Server authentication mode.
In SQL Server 7.0, the key is: HKEY_LOCAL_MACHINE / SOFTWARE / Microsoft / MSSQLServer / MSSQLServer / LoginMode in SQL Server 2000, the key is: HKEY_LOCAL_MACHINE / SOFTWARE / Microsoft / MicrosoftSQLServer / MSSQLServer / LoginMode
The value of "loginmode" is 0 indicates only Windows authentication, and 1 means that the verification mode is mixed mode. After you check yourself, you can change the "loginmode" to 1, restart SQL Server, then log in as SA (System Administrator), enter the SA password you know.
The following information about the role member of SQL Server may help you understand why you will keep yourself outside SQL Server. When you install SQL Server 2000 or 7.0, the installation process automatically creates a login account for "Builtin / Administrators", which is a member of the "sysadmin" role. The "Builtin / Administrators" login account represents the system administrator local group on Microsoft Windows® 2000 or Microsoft Windows NT® Server. The "Administrator" account for Windows 2000 or Windows NT is a member of the system administrator local group. Also, if your server is a member of a domain (including Windows 2000 domain and Windows NT 4.0), the "Domain Admins" global group will also become a member of the local system administrator group. This means that all members of the system administrator local group will automatically get "sysadmin" permissions on SQL Server.
To enhance your SQL Server security, you may be more willing to create your own group and grant it "sysadmin" permissions, then delete the "Builtin / Administrators" login account, or at least remove it from the "sysadmin" server role. Using this method, you can better access your SQL Server to anyone. This method also disconnects the connection between SQL Server system administrators and Windows 2000 or Windows NT administrators, because they usually have different tasks and require different permissions. To enhance security, you may want to configure SQL Server to only support Windows authentication. However, you must remember that this configuration disables your "SA" account. (This method may be the only way to disable the "SA" account, because you cannot delete the "SA" account.) If you implement this security in the wrong order, you will not be able to log in to SQL as "sysadmin". On Server, the registry key value is modified by the method I mentioned above. The correct order is:
Create a Windows 2000 or Windows NT user group and assign members. For example: Creating a group called "SQLADMINS". Map "SQLADMINS" to the SQL Server to verify the logged in the login with a Windows authentication method and assign the account to the "sysadmin" server role. Delete the "Builtin / Administrat" login account or remove it from the "SySAdmin" server role. Change the authentication mode of SQL Server to "only Windows Authentication". Restart SQL Server to reflect changes in authentication mode. Note: If you implement these steps in this error order: Delete the "Builtin / Administrat" login account, change the SQL Server authentication mode to "perform Windows Authentication only", then restart SQL Server, then "SA" The account will be disabled, and because the other Windows authentication login account is not defined and the SQL Server cannot be entered. In order to avoid this, implement these security measures in the correct order.
After reading these, press Step, everything is OK!
