As a DBA, your job is to keep your data secure and to meet your requirements, you remove the BUILTIN\Administrators group, disable the sa login, modify the server port, remove all logins for sysadmin permissions, and you can connect to the SQL Server instance, but without sysadmin permissions, how do I resolve this situation?
Then here's a way to log in single-user mode, then create a SQL Server login and give the sysadmin role.
- Open the cmd window and stop the SQL Server service, which shuts down the SQL Server Agent service at the same time:
- After closing, log in to the SQL Server server using single-user mode and enter the net start mssqlserver/f/t3608 (if the named instance: Net start Mssql$instancename):
- After successful startup, type the sqlcmd command, enter the SQL command-line interface, and then create the login [single] with T-SQL and give sysadmin permission:
- Then exit exits and closes the SQL Server service: net stop MSSQLSERVER.
- Then use the Configuration Management tool to open the SQL Server service, and then log on with single, you can see the login name of the single permission is sysadmin.
The above can successfully use the single login to recover SA, add builtin\adminnistrator groups and other operations!
Cannot log in with sysadmin login, the sa password is forgotten, the administrator is locked out