Re: Thursday Funny Request
Sounds to me like you have some people working as DBA's that should be watched ALL the time to me. Jon On Thu, Dec 17, 2009 at 8:37 AM, Sherry Abercrombie saber...@gmail.comwrote: Got this request from on of our DBA's, I'm waiting to respond until after I stop laughing hysterically: Need domain policy temporarly changed on dbaserver to remove requirment for Windows complex password, so application can be installed and then the policy can be reactivated. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Thursday Funny Request
A complex password is S easy to create, just look at what is used whenever you go to a MS training class: p...@ssw0rd, or something along those lines. Even todays date configured correctly meets the password complexity requiremends17December2009. Sheesh...now I've quit laughing and am bordering on being pissed off. On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.com wrote: Sounds to me like you have some people working as DBA's that should be watched ALL the time to me. Jon On Thu, Dec 17, 2009 at 8:37 AM, Sherry Abercrombie saber...@gmail.comwrote: Got this request from on of our DBA's, I'm waiting to respond until after I stop laughing hysterically: Need domain policy temporarly changed on dbaserver to remove requirment for Windows complex password, so application can be installed and then the policy can be reactivated. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Thursday Funny Request
That was understood I am just wondering how this person got to be a DBA or at the least has been allowed to remain a DBA. Jon On Thu, Dec 17, 2009 at 8:45 AM, Sherry Abercrombie saber...@gmail.comwrote: A complex password is S easy to create, just look at what is used whenever you go to a MS training class: p...@ssw0rd, or something along those lines. Even todays date configured correctly meets the password complexity requiremends17December2009. Sheesh...now I've quit laughing and am bordering on being pissed off. On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.com wrote: Sounds to me like you have some people working as DBA's that should be watched ALL the time to me. Jon On Thu, Dec 17, 2009 at 8:37 AM, Sherry Abercrombie saber...@gmail.com wrote: Got this request from on of our DBA's, I'm waiting to respond until after I stop laughing hysterically: Need domain policy temporarly changed on dbaserver to remove requirment for Windows complex password, so application can be installed and then the policy can be reactivated. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Thursday Funny Request
Sherri, When you do respond ask them if they need the SS numbers of everyone in the organization and their banking information. I would be peev'd, too! On Dec 17, 2009 8:46 AM, Sherry Abercrombie saber...@gmail.com wrote: A complex password is S easy to create, just look at what is used whenever you go to a MS training class: p...@ssw0rd, or something along those lines. Even todays date configured correctly meets the password complexity requiremends17December2009. Sheesh...now I've quit laughing and am bordering on being pissed off. On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.com wrote: Sounds to me like you ... Sent from Keller, TX, United States ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Thursday Funny Request
Now what would really piss me off if your pointy haired and clueless boss came over and made you change it. Can I call you Alice? J From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, December 17, 2009 6:46 AM To: NT System Admin Issues Subject: Re: Thursday Funny Request A complex password is S easy to create, just look at what is used whenever you go to a MS training class: p...@ssw0rd, or something along those lines. Even todays date configured correctly meets the password complexity requiremends17December2009. Sheesh...now I've quit laughing and am bordering on being pissed off. On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.com wrote: Sounds to me like you have some people working as DBA's that should be watched ALL the time to me. Jon On Thu, Dec 17, 2009 at 8:37 AM, Sherry Abercrombie saber...@gmail.com wrote: Got this request from on of our DBA's, I'm waiting to respond until after I stop laughing hysterically: Need domain policy temporarly changed on dbaserver to remove requirment for Windows complex password, so application can be installed and then the policy can be reactivated. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States This message contains confidential information and is intended only for the intended recipient(s). If you are not the named recipient you should not read, distribute or copy this e-mail. Please notify the sender immediately via e-mail if you have received this e-mail by mistake; then, delete this e-mail from your system. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: RE: Thursday Funny Request
Oh! Can I be Wally? On Dec 17, 2009 8:53 AM, Eldridge, Dave d...@parkviewmc.com wrote: Now what would really piss me off if your pointy haired and clueless boss came over and made you change it. Can I call you Alice? J *From:* Sherry Abercrombie [mailto:saber...@gmail.com] *Sent:* Thursday, December 17, 2009 6:46 AM *To:* NT System Admin Issues *Subject:* Re: Thursday Funny Request A complex password is S easy to create, just look at what is used whenever you go to a MS t... On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.com wrote: Sounds to me like you have some people working as DBA's that should be watched ALL the time to me -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic Sent from Keller, TX, United States This e-mail contains the thoughts and opinions of the sender and does not represent official Parkview Medical Center policy. This communication is intended only for the recipient(s) named above, may be confidential and/or legally privileged: and, must be treated as such in accordance with state and federal laws. If you are not the intended recipient, you are hereby notified that any use of this communication, or any of its contents, is prohibited. If you have received this communication in error, please return to sender and delete the message from your computer system.{token} ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: RE: Thursday Funny Request
I wanna be Dogbert. He's my hero... *** Charlie Kaiser charl...@golden-eagle.org Kingman, AZ *** -Original Message- From: Daniel Rodriguez [mailto:drod...@gmail.com] Sent: Thursday, December 17, 2009 6:59 AM To: NT System Admin Issues Subject: Re: RE: Thursday Funny Request Oh! Can I be Wally? On Dec 17, 2009 8:53 AM, Eldridge, Dave d...@parkviewmc.com wrote: Now what would really piss me off if your pointy haired and clueless boss came over and made you change it. Can I call you Alice? J ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Thursday Funny Request
I always thought that the law of natural selection would have gotten rid of most of these kinds of individuals. Guess the gene pool is not as clean as one would have hoped. I mean to stick you hand into a hornets nest by accident is one thing to stick it in to find out if they will sting you is another. Jon On Thu, Dec 17, 2009 at 8:45 AM, Sherry Abercrombie saber...@gmail.comwrote: A complex password is S easy to create, just look at what is used whenever you go to a MS training class: p...@ssw0rd, or something along those lines. Even todays date configured correctly meets the password complexity requiremends17December2009. Sheesh...now I've quit laughing and am bordering on being pissed off. On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.com wrote: Sounds to me like you have some people working as DBA's that should be watched ALL the time to me. Jon On Thu, Dec 17, 2009 at 8:37 AM, Sherry Abercrombie saber...@gmail.com wrote: Got this request from on of our DBA's, I'm waiting to respond until after I stop laughing hysterically: Need domain policy temporarly changed on dbaserver to remove requirment for Windows complex password, so application can be installed and then the policy can be reactivated. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Thursday Funny Request
A complex password is so easy to create this sentence is one. *Any* properly formatted sentence is an adequately complex password. People see me enter my password and ask how do you remember all that?. A 25 character sentence is easier to remember than some bizarre mix of random characters of half the length. Even 17 December 2009 is a complex password - does SQL not allow spaces in passwords? You security experts, is Sr2FDeT2M0hProYMs a more complex password than There once was a man from Nantucket.? The latter is a 35 character password that I'm sure most of you could remember. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, December 17, 2009 5:46 AM To: NT System Admin Issues Subject: Re: Thursday Funny Request A complex password is S easy to create, just look at what is used whenever you go to a MS training class: p...@ssw0rd, or something along those lines. Even todays date configured correctly meets the password complexity requiremends17December2009. Sheesh...now I've quit laughing and am bordering on being pissed off. On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.commailto:jk.har...@gmail.com wrote: Sounds to me like you have some people working as DBA's that should be watched ALL the time to me. Jon On Thu, Dec 17, 2009 at 8:37 AM, Sherry Abercrombie saber...@gmail.commailto:saber...@gmail.com wrote: Got this request from on of our DBA's, I'm waiting to respond until after I stop laughing hysterically: Need domain policy temporarly changed on dbaserver to remove requirment for Windows complex password, so application can be installed and then the policy can be reactivated. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Thursday Funny Request
I'll respond to this one seriously, since I've had a few applications which install SQL instances fail like this. The installer program may not function correctly because it sets an SA password that isn't complex enough for your environment, therefore the application cannot be installed. It may be that the SA account is never used again after the installer is done, in which case set the SA account to be complex after the application has been installed. Optionally, the machine in question can be removed from the AD, application installed and rejoined to the AD. In the same case the SA password should be changed to match complexity requirements. On Thu, Dec 17, 2009 at 8:37 AM, Sherry Abercrombie saber...@gmail.comwrote: Got this request from on of our DBA's, I'm waiting to respond until after I stop laughing hysterically: Need domain policy temporarly changed on dbaserver to remove requirment for Windows complex password, so application can be installed and then the policy can be reactivated. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Thursday Funny Request
What I want to know is what kind of application in 2009 requires a network password to not be complex to be installed? I'm just glad he's not in the office yet because I would have to rip him to shreds.yeah you can call me alice. On Thu, Dec 17, 2009 at 8:14 AM, David Lum david@nwea.org wrote: A complex password is so easy to create this sentence is one. **Any** properly formatted sentence is an adequately complex “password”. People see me enter my password and ask “how do you remember all that?”. A 25 character sentence is easier to remember than some bizarre mix of random characters of half the length. Even 17 December 2009 is a complex password – does SQL not allow spaces in passwords? You security experts, is “Sr2FDeT2M0hProYMs” a more complex password than “There once was a man from Nantucket.”? The latter is a 35 character password that I’m sure most of you could remember. *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 *From:* Sherry Abercrombie [mailto:saber...@gmail.com] *Sent:* Thursday, December 17, 2009 5:46 AM *To:* NT System Admin Issues *Subject:* Re: Thursday Funny Request A complex password is S easy to create, just look at what is used whenever you go to a MS training class: p...@ssw0rd, or something along those lines. Even todays date configured correctly meets the password complexity requiremends17December2009. Sheesh...now I've quit laughing and am bordering on being pissed off. On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.com wrote: Sounds to me like you have some people working as DBA's that should be watched ALL the time to me. Jon On Thu, Dec 17, 2009 at 8:37 AM, Sherry Abercrombie saber...@gmail.com wrote: Got this request from on of our DBA's, I'm waiting to respond until after I stop laughing hysterically: Need domain policy temporarly changed on dbaserver to remove requirment for Windows complex password, so application can be installed and then the policy can be reactivated. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Thursday Funny Request
But ya doesn't has to call me Johnson! Bill Lambert Concuity Phone 847-941-9206 The information contained in this e-mail message, including any attached files, is intended only for the personal and confidential use of the recipient(s) named above. If you are not the intended recipient (or authorized to receive information for the recipient) you are hereby notified that you have received this communication in error and that any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this communication in error, please contact the sender by reply email and delete all copies of this message. Thank you. From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, December 17, 2009 8:32 AM To: NT System Admin Issues Subject: Re: Thursday Funny Request What I want to know is what kind of application in 2009 requires a network password to not be complex to be installed? I'm just glad he's not in the office yet because I would have to rip him to shreds.yeah you can call me alice. On Thu, Dec 17, 2009 at 8:14 AM, David Lum david@nwea.org wrote: A complex password is so easy to create this sentence is one. *Any* properly formatted sentence is an adequately complex password. People see me enter my password and ask how do you remember all that?. A 25 character sentence is easier to remember than some bizarre mix of random characters of half the length. Even 17 December 2009 is a complex password - does SQL not allow spaces in passwords? You security experts, is Sr2FDeT2M0hProYMs a more complex password than There once was a man from Nantucket.? The latter is a 35 character password that I'm sure most of you could remember. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, December 17, 2009 5:46 AM To: NT System Admin Issues Subject: Re: Thursday Funny Request A complex password is S easy to create, just look at what is used whenever you go to a MS training class: p...@ssw0rd, or something along those lines. Even todays date configured correctly meets the password complexity requiremends17December2009. Sheesh...now I've quit laughing and am bordering on being pissed off. On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.com wrote: Sounds to me like you have some people working as DBA's that should be watched ALL the time to me. Jon On Thu, Dec 17, 2009 at 8:37 AM, Sherry Abercrombie saber...@gmail.com wrote: Got this request from on of our DBA's, I'm waiting to respond until after I stop laughing hysterically: Need domain policy temporarly changed on dbaserver to remove requirment for Windows complex password, so application can be installed and then the policy can be reactivated. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: RE: Thursday Funny Request
Only if you keep Eddy Haskel away! (Now, let's see into how many directions this can diverge...) -- richard Daniel Rodriguez drod...@gmail.com wrote on 12/17/2009 07:59:21 AM: Oh! Can I be Wally? On Dec 17, 2009 8:53 AM, Eldridge, Dave d...@parkviewmc.com wrote: Now what would really piss me off if your pointy haired and clueless boss came over and made you change it. Can I call you Alice? J From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, December 17, 2009 6:46 AM To: NT System Admin Issues Subject: Re: Thursday Funny Request A complex password is S easy to create, just look at what is used whenever you go to a MS t... On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.com wrote: Sounds to me like you have some people working as DBA's that should be watched ALL the time to me -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic Sent from Keller, TX, United States This e-mail contains the thoughts and opinions of the sender and does not represent official Parkview Medical Center policy. This communication is intended only for the recipient(s) named above, may be confidential and/or legally privileged: and, must be treated as such in accordance with state and federal laws. If you are not the intended recipient, you are hereby notified that any use of this communication, or any of its contents, is prohibited. If you have received this communication in error, please return to sender and delete the message from your computer system.{token} ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Thursday Funny Request
That is the part I don't get. Based upon his/her request the installer shouldn't even need to know the password. It should just install with the logged in credentials. And if it chokes on a complex password during install maybe because of a service it installs it will choke afterwards too. Unless he/she is asking for the password to remain 'simple' after the install.Just because I am curious I would love to hear the rest of this story. From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, December 17, 2009 9:32 AM To: NT System Admin Issues Subject: Re: Thursday Funny Request What I want to know is what kind of application in 2009 requires a network password to not be complex to be installed? I'm just glad he's not in the office yet because I would have to rip him to shreds.yeah you can call me alice. On Thu, Dec 17, 2009 at 8:14 AM, David Lum david@nwea.orgmailto:david@nwea.org wrote: A complex password is so easy to create this sentence is one. *Any* properly formatted sentence is an adequately complex password. People see me enter my password and ask how do you remember all that?. A 25 character sentence is easier to remember than some bizarre mix of random characters of half the length. Even 17 December 2009 is a complex password - does SQL not allow spaces in passwords? You security experts, is Sr2FDeT2M0hProYMs a more complex password than There once was a man from Nantucket.? The latter is a 35 character password that I'm sure most of you could remember. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Sherry Abercrombie [mailto:saber...@gmail.commailto:saber...@gmail.com] Sent: Thursday, December 17, 2009 5:46 AM To: NT System Admin Issues Subject: Re: Thursday Funny Request A complex password is S easy to create, just look at what is used whenever you go to a MS training class: p...@ssw0rd, or something along those lines. Even todays date configured correctly meets the password complexity requiremends17December2009. Sheesh...now I've quit laughing and am bordering on being pissed off. On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.commailto:jk.har...@gmail.com wrote: Sounds to me like you have some people working as DBA's that should be watched ALL the time to me. Jon On Thu, Dec 17, 2009 at 8:37 AM, Sherry Abercrombie saber...@gmail.commailto:saber...@gmail.com wrote: Got this request from on of our DBA's, I'm waiting to respond until after I stop laughing hysterically: Need domain policy temporarly changed on dbaserver to remove requirment for Windows complex password, so application can be installed and then the policy can be reactivated. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Thursday Funny Request
It's the SA password. Is this thing on? On Thu, Dec 17, 2009 at 9:49 AM, Kennedy, Jim kennedy...@elyriaschools.orgwrote: That is the part I don’t get. Based upon his/her request the installer shouldn’t even need to know the password. It should just install with the logged in credentials. And if it chokes on a complex password during install maybe because of a service it installs it will choke afterwards too. Unless he/she is asking for the password to remain ‘simple’ after the install…..Just because I am curious I would love to hear the rest of this story. *From:* Sherry Abercrombie [mailto:saber...@gmail.com] *Sent:* Thursday, December 17, 2009 9:32 AM *To:* NT System Admin Issues *Subject:* Re: Thursday Funny Request What I want to know is what kind of application in 2009 requires a network password to not be complex to be installed? I'm just glad he's not in the office yet because I would have to rip him to shreds.yeah you can call me alice. On Thu, Dec 17, 2009 at 8:14 AM, David Lum david@nwea.org wrote: A complex password is so easy to create this sentence is one. **Any** properly formatted sentence is an adequately complex “password”. People see me enter my password and ask “how do you remember all that?”. A 25 character sentence is easier to remember than some bizarre mix of random characters of half the length. Even 17 December 2009 is a complex password – does SQL not allow spaces in passwords? You security experts, is “Sr2FDeT2M0hProYMs” a more complex password than “There once was a man from Nantucket.”? The latter is a 35 character password that I’m sure most of you could remember. *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 *From:* Sherry Abercrombie [mailto:saber...@gmail.com] *Sent:* Thursday, December 17, 2009 5:46 AM *To:* NT System Admin Issues *Subject:* Re: Thursday Funny Request A complex password is S easy to create, just look at what is used whenever you go to a MS training class: p...@ssw0rd, or something along those lines. Even todays date configured correctly meets the password complexity requiremends17December2009. Sheesh...now I've quit laughing and am bordering on being pissed off. On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.com wrote: Sounds to me like you have some people working as DBA's that should be watched ALL the time to me. Jon On Thu, Dec 17, 2009 at 8:37 AM, Sherry Abercrombie saber...@gmail.com wrote: Got this request from on of our DBA's, I'm waiting to respond until after I stop laughing hysterically: Need domain policy temporarly changed on dbaserver to remove requirment for Windows complex password, so application can be installed and then the policy can be reactivated. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Thursday Funny Request
We have had to fulfill similar requests and the solution is as Johnathan Link says- disjoin, set PW, rejoin. 2008 Domains allow separate password policies, in which case you'd just apply the appropriate password GPO to that system, make the change, then flip it back. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, December 17, 2009 6:32 AM To: NT System Admin Issues Subject: Re: Thursday Funny Request What I want to know is what kind of application in 2009 requires a network password to not be complex to be installed? I'm just glad he's not in the office yet because I would have to rip him to shreds.yeah you can call me alice. On Thu, Dec 17, 2009 at 8:14 AM, David Lum david@nwea.orgmailto:david@nwea.org wrote: A complex password is so easy to create this sentence is one. *Any* properly formatted sentence is an adequately complex password. People see me enter my password and ask how do you remember all that?. A 25 character sentence is easier to remember than some bizarre mix of random characters of half the length. Even 17 December 2009 is a complex password - does SQL not allow spaces in passwords? You security experts, is Sr2FDeT2M0hProYMs a more complex password than There once was a man from Nantucket.? The latter is a 35 character password that I'm sure most of you could remember. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Sherry Abercrombie [mailto:saber...@gmail.commailto:saber...@gmail.com] Sent: Thursday, December 17, 2009 5:46 AM To: NT System Admin Issues Subject: Re: Thursday Funny Request A complex password is S easy to create, just look at what is used whenever you go to a MS training class: p...@ssw0rd, or something along those lines. Even todays date configured correctly meets the password complexity requiremends17December2009. Sheesh...now I've quit laughing and am bordering on being pissed off. On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.commailto:jk.har...@gmail.com wrote: Sounds to me like you have some people working as DBA's that should be watched ALL the time to me. Jon On Thu, Dec 17, 2009 at 8:37 AM, Sherry Abercrombie saber...@gmail.commailto:saber...@gmail.com wrote: Got this request from on of our DBA's, I'm waiting to respond until after I stop laughing hysterically: Need domain policy temporarly changed on dbaserver to remove requirment for Windows complex password, so application can be installed and then the policy can be reactivated. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Thursday Funny Request
They have an SA password that they use for all their databases. This is something to do with calculating taxes, at least that's what the server is, oh and I didn't mention, this server is in the test environment, we've also got two additional servers for this purpose one in Dev and one in production. Nope it's not gonna happen. We'll remove it from the domain (2003 domain) and he can just deal with it. On Thu, Dec 17, 2009 at 8:52 AM, Jonathan Link jonathan.l...@gmail.comwrote: It's the SA password. Is this thing on? On Thu, Dec 17, 2009 at 9:49 AM, Kennedy, Jim kennedy...@elyriaschools.org wrote: That is the part I don’t get. Based upon his/her request the installer shouldn’t even need to know the password. It should just install with the logged in credentials. And if it chokes on a complex password during install maybe because of a service it installs it will choke afterwards too. Unless he/she is asking for the password to remain ‘simple’ after the install…..Just because I am curious I would love to hear the rest of this story. *From:* Sherry Abercrombie [mailto:saber...@gmail.com] *Sent:* Thursday, December 17, 2009 9:32 AM *To:* NT System Admin Issues *Subject:* Re: Thursday Funny Request What I want to know is what kind of application in 2009 requires a network password to not be complex to be installed? I'm just glad he's not in the office yet because I would have to rip him to shreds.yeah you can call me alice. On Thu, Dec 17, 2009 at 8:14 AM, David Lum david@nwea.org wrote: A complex password is so easy to create this sentence is one. **Any** properly formatted sentence is an adequately complex “password”. People see me enter my password and ask “how do you remember all that?”. A 25 character sentence is easier to remember than some bizarre mix of random characters of half the length. Even 17 December 2009 is a complex password – does SQL not allow spaces in passwords? You security experts, is “Sr2FDeT2M0hProYMs” a more complex password than “There once was a man from Nantucket.”? The latter is a 35 character password that I’m sure most of you could remember. *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 *From:* Sherry Abercrombie [mailto:saber...@gmail.com] *Sent:* Thursday, December 17, 2009 5:46 AM *To:* NT System Admin Issues *Subject:* Re: Thursday Funny Request A complex password is S easy to create, just look at what is used whenever you go to a MS training class: p...@ssw0rd, or something along those lines. Even todays date configured correctly meets the password complexity requiremends17December2009. Sheesh...now I've quit laughing and am bordering on being pissed off. On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.com wrote: Sounds to me like you have some people working as DBA's that should be watched ALL the time to me. Jon On Thu, Dec 17, 2009 at 8:37 AM, Sherry Abercrombie saber...@gmail.com wrote: Got this request from on of our DBA's, I'm waiting to respond until after I stop laughing hysterically: Need domain policy temporarly changed on dbaserver to remove requirment for Windows complex password, so application can be installed and then the policy can be reactivated. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Thursday Funny Request
I always thought that the law of natural selection would have gotten rid of most of these kinds of individuals. NOPE, they work cheap and the PHBs out there like a small payroll On Thu, Dec 17, 2009 at 9:05 AM, Jon Harris jk.har...@gmail.com wrote: I always thought that the law of natural selection would have gotten rid of most of these kinds of individuals. Guess the gene pool is not as clean as one would have hoped. I mean to stick you hand into a hornets nest by accident is one thing to stick it in to find out if they will sting you is another. Jon ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Thursday Funny Request
They may have an SA password they use and have an SOP to change it as soon as an application is installed. In this case, the installer is getting an error when it attempts to set the SA password to one that is less complex than what your AD would like. There are three options to resolve this. First is to relax the policy, which I agree with you, you shouldn't do. The second is to pull the machine from the domain, complete the install, change the SA password, add back to the domain. The final option is to find the installer script file for the application, edit it so it changes the SA password to something complex enough. However, I don't like to go mucking about in SQL installer scripts unless I have a really good reason (this isn't one). It's much simpler to remove from AD and add back in. He made the request, because the error message says that's what he needs. I wouldn't expect any less from a DBA. As a sysadmin you need to flog him gently and give him the options your comfortable with. On Thu, Dec 17, 2009 at 9:58 AM, Sherry Abercrombie saber...@gmail.comwrote: They have an SA password that they use for all their databases. This is something to do with calculating taxes, at least that's what the server is, oh and I didn't mention, this server is in the test environment, we've also got two additional servers for this purpose one in Dev and one in production. Nope it's not gonna happen. We'll remove it from the domain (2003 domain) and he can just deal with it. On Thu, Dec 17, 2009 at 8:52 AM, Jonathan Link jonathan.l...@gmail.comwrote: It's the SA password. Is this thing on? On Thu, Dec 17, 2009 at 9:49 AM, Kennedy, Jim kennedy...@elyriaschools.org wrote: That is the part I don’t get. Based upon his/her request the installer shouldn’t even need to know the password. It should just install with the logged in credentials. And if it chokes on a complex password during install maybe because of a service it installs it will choke afterwards too. Unless he/she is asking for the password to remain ‘simple’ after the install…..Just because I am curious I would love to hear the rest of this story. *From:* Sherry Abercrombie [mailto:saber...@gmail.com] *Sent:* Thursday, December 17, 2009 9:32 AM *To:* NT System Admin Issues *Subject:* Re: Thursday Funny Request What I want to know is what kind of application in 2009 requires a network password to not be complex to be installed? I'm just glad he's not in the office yet because I would have to rip him to shreds.yeah you can call me alice. On Thu, Dec 17, 2009 at 8:14 AM, David Lum david@nwea.org wrote: A complex password is so easy to create this sentence is one. **Any** properly formatted sentence is an adequately complex “password”. People see me enter my password and ask “how do you remember all that?”. A 25 character sentence is easier to remember than some bizarre mix of random characters of half the length. Even 17 December 2009 is a complex password – does SQL not allow spaces in passwords? You security experts, is “Sr2FDeT2M0hProYMs” a more complex password than “There once was a man from Nantucket.”? The latter is a 35 character password that I’m sure most of you could remember. *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 *From:* Sherry Abercrombie [mailto:saber...@gmail.com] *Sent:* Thursday, December 17, 2009 5:46 AM *To:* NT System Admin Issues *Subject:* Re: Thursday Funny Request A complex password is S easy to create, just look at what is used whenever you go to a MS training class: p...@ssw0rd, or something along those lines. Even todays date configured correctly meets the password complexity requiremends17December2009. Sheesh...now I've quit laughing and am bordering on being pissed off. On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.com wrote: Sounds to me like you have some people working as DBA's that should be watched ALL the time to me. Jon On Thu, Dec 17, 2009 at 8:37 AM, Sherry Abercrombie saber...@gmail.com wrote: Got this request from on of our DBA's, I'm waiting to respond until after I stop laughing hysterically: Need domain policy temporarly changed on dbaserver to remove requirment for Windows complex password, so application can be installed and then the policy can be reactivated. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States -- Sherry Abercrombie Any sufficiently advanced technology
RE: Thursday Funny Request
Honestly, If you are using SA to access databases, you should or the owner of said application should be flogged mercilessly, along with being tarred and feathered and dunked in a deep fat frier. That is one of the worse security issues with SQL, the use of SQL authentication along with giving SA rights. Editing a script to install SQL is cake and including the SA password, which should be different than any other SA password for any database should be done as a best practice. That and ripping the local administrators out of the System Administrators for SQL by default. Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + ezi...@lifespan.org Phone:401-639-3505 From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Thursday, December 17, 2009 10:43 AM To: NT System Admin Issues Subject: Re: Thursday Funny Request They may have an SA password they use and have an SOP to change it as soon as an application is installed. In this case, the installer is getting an error when it attempts to set the SA password to one that is less complex than what your AD would like. There are three options to resolve this. First is to relax the policy, which I agree with you, you shouldn't do. The second is to pull the machine from the domain, complete the install, change the SA password, add back to the domain. The final option is to find the installer script file for the application, edit it so it changes the SA password to something complex enough. However, I don't like to go mucking about in SQL installer scripts unless I have a really good reason (this isn't one). It's much simpler to remove from AD and add back in. He made the request, because the error message says that's what he needs. I wouldn't expect any less from a DBA. As a sysadmin you need to flog him gently and give him the options your comfortable with. On Thu, Dec 17, 2009 at 9:58 AM, Sherry Abercrombie saber...@gmail.com wrote: They have an SA password that they use for all their databases. This is something to do with calculating taxes, at least that's what the server is, oh and I didn't mention, this server is in the test environment, we've also got two additional servers for this purpose one in Dev and one in production. Nope it's not gonna happen. We'll remove it from the domain (2003 domain) and he can just deal with it. On Thu, Dec 17, 2009 at 8:52 AM, Jonathan Link jonathan.l...@gmail.com wrote: It's the SA password. Is this thing on? On Thu, Dec 17, 2009 at 9:49 AM, Kennedy, Jim kennedy...@elyriaschools.org wrote: That is the part I don't get. Based upon his/her request the installer shouldn't even need to know the password. It should just install with the logged in credentials. And if it chokes on a complex password during install maybe because of a service it installs it will choke afterwards too. Unless he/she is asking for the password to remain 'simple' after the install.Just because I am curious I would love to hear the rest of this story. From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, December 17, 2009 9:32 AM To: NT System Admin Issues Subject: Re: Thursday Funny Request What I want to know is what kind of application in 2009 requires a network password to not be complex to be installed? I'm just glad he's not in the office yet because I would have to rip him to shreds.yeah you can call me alice. On Thu, Dec 17, 2009 at 8:14 AM, David Lum david@nwea.org wrote: A complex password is so easy to create this sentence is one. *Any* properly formatted sentence is an adequately complex password. People see me enter my password and ask how do you remember all that?. A 25 character sentence is easier to remember than some bizarre mix of random characters of half the length. Even 17 December 2009 is a complex password - does SQL not allow spaces in passwords? You security experts, is Sr2FDeT2M0hProYMs a more complex password than There once was a man from Nantucket.? The latter is a 35 character password that I'm sure most of you could remember. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, December 17, 2009 5:46 AM To: NT System Admin Issues Subject: Re: Thursday Funny Request A complex password is S easy to create, just
Re: Thursday Funny Request
I like dr0...@p myself... On Thu, Dec 17, 2009 at 5:45 AM, Sherry Abercrombie saber...@gmail.comwrote: A complex password is S easy to create, just look at what is used whenever you go to a MS training class: p...@ssw0rd, or something along those lines. Even todays date configured correctly meets the password complexity requiremends17December2009. Sheesh...now I've quit laughing and am bordering on being pissed off. On Thu, Dec 17, 2009 at 7:39 AM, Jon Harris jk.har...@gmail.com wrote: Sounds to me like you have some people working as DBA's that should be watched ALL the time to me. Jon On Thu, Dec 17, 2009 at 8:37 AM, Sherry Abercrombie saber...@gmail.com wrote: Got this request from on of our DBA's, I'm waiting to respond until after I stop laughing hysterically: Need domain policy temporarly changed on dbaserver to remove requirment for Windows complex password, so application can be installed and then the policy can be reactivated. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke Sent from Keller, TX, United States ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Thursday Funny Request
Honestly, I'm not using SA to access databases, neither are my applications. However, one of our vendors sets an SA password and then requires Windows credentials and disables SQL users. I have no idea why the vendor does it that way, I've called to complain and have been told that it will be addressed in the next realease. In the interim, I don't want to get into a war with a vendor that goes along the lines, of you modified our installer script, therfore you're not supported. They haven't released an updated script, and while I do know what to change, it's just not a risk I'm willing to take when I have a viable, if annoying alternative. This isn't a niche app, it's essentially our we can't do business without this software app. On Thu, Dec 17, 2009 at 12:07 PM, Ziots, Edward ezi...@lifespan.org wrote: Honestly, If you are using SA to access databases, you should or the owner of said application should be flogged mercilessly, along with being tarred and feathered and dunked in a deep fat frier. That is one of the worse security issues with SQL, the use of SQL authentication along with giving SA rights. Editing a script to install SQL is cake and including the SA password, which should be different than any other SA password for any database should be done as a best practice. That and ripping the local administrators out of the System Administrators for SQL by default. Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + ezi...@lifespan.org Phone:401-639-3505 -- *From:* Jonathan Link [mailto:jonathan.l...@gmail.com] *Sent:* Thursday, December 17, 2009 10:43 AM *To:* NT System Admin Issues *Subject:* Re: Thursday Funny Request They may have an SA password they use and have an SOP to change it as soon as an application is installed. In this case, the installer is getting an error when it attempts to set the SA password to one that is less complex than what your AD would like. There are three options to resolve this. First is to relax the policy, which I agree with you, you shouldn't do. The second is to pull the machine from the domain, complete the install, change the SA password, add back to the domain. The final option is to find the installer script file for the application, edit it so it changes the SA password to something complex enough. However, I don't like to go mucking about in SQL installer scripts unless I have a really good reason (this isn't one). It's much simpler to remove from AD and add back in. He made the request, because the error message says that's what he needs. I wouldn't expect any less from a DBA. As a sysadmin you need to flog him gently and give him the options your comfortable with. On Thu, Dec 17, 2009 at 9:58 AM, Sherry Abercrombie saber...@gmail.com wrote: They have an SA password that they use for all their databases. This is something to do with calculating taxes, at least that's what the server is, oh and I didn't mention, this server is in the test environment, we've also got two additional servers for this purpose one in Dev and one in production. Nope it's not gonna happen. We'll remove it from the domain (2003 domain) and he can just deal with it. On Thu, Dec 17, 2009 at 8:52 AM, Jonathan Link jonathan.l...@gmail.com wrote: It's the SA password. Is this thing on? On Thu, Dec 17, 2009 at 9:49 AM, Kennedy, Jim kennedy...@elyriaschools.org wrote: That is the part I don’t get. Based upon his/her request the installer shouldn’t even need to know the password. It should just install with the logged in credentials. And if it chokes on a complex password during install maybe because of a service it installs it will choke afterwards too. Unless he/she is asking for the password to remain ‘simple’ after the install…..Just because I am curious I would love to hear the rest of this story. *From:* Sherry Abercrombie [mailto:saber...@gmail.com] *Sent:* Thursday, December 17, 2009 9:32 AM *To:* NT System Admin Issues *Subject:* Re: Thursday Funny Request What I want to know is what kind of application in 2009 requires a network password to not be complex to be installed? I'm just glad he's not in the office yet because I would have to rip him to shreds.yeah you can call me alice. On Thu, Dec 17, 2009 at 8:14 AM, David Lum david@nwea.org wrote: A complex password is so easy to create this sentence is one. **Any** properly formatted sentence is an adequately complex “password”. People see me enter my password and ask “how do you remember all that?”. A 25 character sentence is easier to remember than some bizarre mix of random characters of half the length. Even 17 December 2009 is a complex password – does SQL not allow spaces in passwords? You security experts, is “Sr2FDeT2M0hProYMs” a more complex password than “There once was a man from
Re: Thursday Funny Request
So, they would have less problems with the system changing domain membership than with the script being updated to install? Wow. Sent from my Verizon Wireless BlackBerry -Original Message- From: Jonathan Link jonathan.l...@gmail.com Date: Thu, 17 Dec 2009 13:19:11 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com Subject: Re: Thursday Funny Request Honestly, I'm not using SA to access databases, neither are my applications. However, one of our vendors sets an SA password and then requires Windows credentials and disables SQL users. I have no idea why the vendor does it that way, I've called to complain and have been told that it will be addressed in the next realease. In the interim, I don't want to get into a war with a vendor that goes along the lines, of you modified our installer script, therfore you're not supported. They haven't released an updated script, and while I do know what to change, it's just not a risk I'm willing to take when I have a viable, if annoying alternative. This isn't a niche app, it's essentially our we can't do business without this software app. On Thu, Dec 17, 2009 at 12:07 PM, Ziots, Edward ezi...@lifespan.org wrote: Honestly, If you are using SA to access databases, you should or the owner of said application should be flogged mercilessly, along with being tarred and feathered and dunked in a deep fat frier. That is one of the worse security issues with SQL, the use of SQL authentication along with giving SA rights. Editing a script to install SQL is cake and including the SA password, which should be different than any other SA password for any database should be done as a best practice. That and ripping the local administrators out of the System Administrators for SQL by default. Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + ezi...@lifespan.org Phone:401-639-3505 -- *From:* Jonathan Link [mailto:jonathan.l...@gmail.com] *Sent:* Thursday, December 17, 2009 10:43 AM *To:* NT System Admin Issues *Subject:* Re: Thursday Funny Request They may have an SA password they use and have an SOP to change it as soon as an application is installed. In this case, the installer is getting an error when it attempts to set the SA password to one that is less complex than what your AD would like. There are three options to resolve this. First is to relax the policy, which I agree with you, you shouldn't do. The second is to pull the machine from the domain, complete the install, change the SA password, add back to the domain. The final option is to find the installer script file for the application, edit it so it changes the SA password to something complex enough. However, I don't like to go mucking about in SQL installer scripts unless I have a really good reason (this isn't one). It's much simpler to remove from AD and add back in. He made the request, because the error message says that's what he needs. I wouldn't expect any less from a DBA. As a sysadmin you need to flog him gently and give him the options your comfortable with. On Thu, Dec 17, 2009 at 9:58 AM, Sherry Abercrombie saber...@gmail.com wrote: They have an SA password that they use for all their databases. This is something to do with calculating taxes, at least that's what the server is, oh and I didn't mention, this server is in the test environment, we've also got two additional servers for this purpose one in Dev and one in production. Nope it's not gonna happen. We'll remove it from the domain (2003 domain) and he can just deal with it. On Thu, Dec 17, 2009 at 8:52 AM, Jonathan Link jonathan.l...@gmail.com wrote: It's the SA password. Is this thing on? On Thu, Dec 17, 2009 at 9:49 AM, Kennedy, Jim kennedy...@elyriaschools.org wrote: That is the part I don’t get. Based upon his/her request the installer shouldn’t even need to know the password. It should just install with the logged in credentials. And if it chokes on a complex password during install maybe because of a service it installs it will choke afterwards too. Unless he/she is asking for the password to remain ‘simple’ after the install…..Just because I am curious I would love to hear the rest of this story. *From:* Sherry Abercrombie [mailto:saber...@gmail.com] *Sent:* Thursday, December 17, 2009 9:32 AM *To:* NT System Admin Issues *Subject:* Re: Thursday Funny Request What I want to know is what kind of application in 2009 requires a network password to not be complex to be installed? I'm just glad he's not in the office yet because I would have to rip him to shreds.yeah you can call me alice. On Thu, Dec 17, 2009 at 8:14 AM, David Lum david@nwea.org wrote: A complex password is so easy to create this sentence is one. **Any** properly formatted sentence is an adequately complex “password
RE: Thursday Funny Request
Then I agree there isn't much you are going to be able to do until the vendor fixes there stuff. I just don't see that they are setting SA password, and then requiring Windows authentication accordingly. You can map Windows Login to SQL permissions accordingly, to give them enough to install with, without having to give or reset SA. Could just create an empty database, and restore the db from backup ( seen that done quite a few times) Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + ezi...@lifespan.org Phone:401-639-3505 From: asbz...@gmail.com [mailto:asbz...@gmail.com] Sent: Thursday, December 17, 2009 1:48 PM To: NT System Admin Issues Subject: Re: Thursday Funny Request So, they would have less problems with the system changing domain membership than with the script being updated to install? Wow. Sent from my Verizon Wireless BlackBerry From: Jonathan Link jonathan.l...@gmail.com Date: Thu, 17 Dec 2009 13:19:11 -0500 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com Subject: Re: Thursday Funny Request Honestly, I'm not using SA to access databases, neither are my applications. However, one of our vendors sets an SA password and then requires Windows credentials and disables SQL users. I have no idea why the vendor does it that way, I've called to complain and have been told that it will be addressed in the next realease. In the interim,I don't want to get into a war with a vendor that goes along the lines, of you modified our installer script, therfore you're not supported. They haven't released an updated script, and while I do know what to change, it's just not a risk I'm willing to take when I have a viable, if annoying alternative. This isn't aniche app, it's essentially our we can't do business without this software app. On Thu, Dec 17, 2009 at 12:07 PM, Ziots, Edward ezi...@lifespan.org wrote: Honestly, If you are using SA to access databases, you should or the owner of said application should be flogged mercilessly, along with being tarred and feathered and dunked in a deep fat frier. That is one of the worse security issues with SQL, the use of SQL authentication along with giving SA rights. Editing a script to install SQL is cake and including the SA password, which should be different than any other SA password for any database should be done as a best practice. That and ripping the local administrators out of the System Administrators for SQL by default. Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + ezi...@lifespan.org Phone:401-639-3505 From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Thursday, December 17, 2009 10:43 AM To: NT System Admin Issues Subject: Re: Thursday Funny Request They may have an SA password they use and have an SOP to change it as soon as an application is installed. In this case, the installer is getting an error when it attempts to set the SA passwordto one that isless complex than what your AD would like. There are three options to resolve this.First is to relax the policy, which I agree with you, you shouldn't do. The second is topull the machine from the domain, complete the install, change the SA password, add back to the domain. The final option is to find the installer script file for the application, edit it so it changes the SA password to something complex enough. However, I don't like to go mucking about in SQL installer scripts unless I have a really good reason (this isn't one). It's much simpler to remove from AD and add back in. He made the request, because the error message says that's what he needs. I wouldn't expect any less from a DBA. As a sysadmin you need to flog him gently and give him the options your comfortable with. On Thu, Dec 17, 2009 at 9:58 AM, Sherry Abercrombie saber...@gmail.com wrote: They have an SA password that they use for all their databases. This is something to do with calculating taxes, at least that's what the server is, oh and I didn't mention, this server is in the test environment, we've also got two additional servers for this purpose one in Dev and one in production. Nope it's not gonna happen. We'll remove it from the domain (2003 domain) and he can just deal with it. On Thu, Dec 17, 2009 at 8:52 AM, Jonathan Link jonathan.l...@gmail.com wrote: It's the SA password. Is this thing on? On Thu, Dec 17, 2009 at 9:49 AM, Kennedy, Jim kennedy...@elyriaschools.org wrote: That is the part I dont get. Based upon his/her request the installer shouldnt even need to know the password. It should just install with the logged in credentials. And if it chokes on a complex password during install maybe because of a service it installs it will choke afterwards too. Unless he/she