i put myself in a big problem
-
yes you are right Dear Scott in every words you said, i took this risk cuz i want to have a backup DC, the management don't care about backup while everything is running OK,
-
You should be ready to defend the fact that the system was "designated" trivial by whoever made it physical and decided that backups weren't needed. You made two mistakes here yourself, yes, but had this system been treated like a business tool instead of like someone's hobby at home this would not have happened. So the fault is shared. This is a good opportunity to talk to management about how they don't take their business as seriously as most of us would take our desktops or laptops at home. To most of us, they don't consider their business as serious as we would consider a hobby, let alone something personal but important.
-
@IT-ADMIN said:
yes you are right Dear Scott in every words you said, i took this risk cuz i want to have a backup DC, the management don't care about backup while everything is running OK,
So a very important learning situation here for you personally are these:
- Never forget who owns the network. It is not yours, it is theirs. If it isn't important to them, it is not important to you. Never cross that line of feeling that it is your network, it is not. That feeling will cause you to have emotional reactions and make you likely to do very bad things (the AJ scenario). You need to manage it in the way that they want, not in the way that you want.
- Don't take on risks personally to do things. There is not a reason to do this. Most IT pros have the same feelings that you do, it is really hard to not want to do things "right" or "better" but that should be a business decisions, not a personal one, unless the decision is given to you by the business. Do not take on personal risk to try to protect a business that does not want to protect itself.
-
As far as moving forward, check out this link and see if you can make new accounts to access the database.
-
thank you guys for your help
i don't have the mood to try anything now cuz really this problem makes me tired and it is 1:16 PM now,
so i have to sleep now and tomorrow i will try what you told mesee you guys tomorrow
have a great night
-
@IT-ADMIN said:
thank you guys for your help
i don't have the mood to try anything now cuz really this problem makes me tired and it is 1:16 PM now,
so i have to sleep now and tomorrow i will try what you told mesee you guys tomorrow
have a great night
Good luck, hit us up when you start working on this tomorrow and we will see what we can do to help.
-
Sounds like you are having a rough day. Get some rest and maybe we can get this fixed tomorrow. Has anyone noticed yet?
-
u should make a backup before u did this my fren ..
-
@Dashrender said:
@IT-ADMIN said:
the problem is that the SQL service doesn't want to run, it gives an error
that should be easy to fix
go to services and double click SQL and look what account it's using.
then create account on your domain give it a GOOD passwordthen go back to the service and put the domainname\user for the username and type in your password.. and you should be good to go for starting SQL.
thank you very much dude, you really saved me, the problem was due to SQL service not running because it was set to run using a local account, off course after this account was deleted the service cannot run, as soon as i changed the service logon account to domain administrator the service start successfully and the connection was successful
ouuuf it was a terrible nightmare but also a lesson
thank you @dashrender and thank you guys
-
Now that you have that working, don't stop there!
Create a dedicated user account in AD for SQL. Then assign it local admin rights on the SQL server. The replace the domain admin credentials you currently have running SQL.
Reasons for doing this: If you leave the Domain Admin user in there for SQL, if SQL is compromised, the hacker will have Domain Admin level privileges to your entire domain.
-
@Dashrender said:
Now that you have that working, don't stop there!
Create a dedicated user account in AD for SQL. Then assign it local admin rights on the SQL server. The replace the domain admin credentials you currently have running SQL.
Reasons for doing this: If you leave the Domain Admin user in there for SQL, if SQL is compromised, the hacker will have Domain Admin level privileges to your entire domain.
thank you for your advice, but i no longer care about security since everything is fine lol
as Scott mentioned: why i should care about the business if the owner don't care
i fear if i change something now i may get an issue, so i will just keep everything as it is -
@IT-ADMIN said:
thank you for your advice, but i no longer care about security since everything is fine lol
as Scott mentioned: why i should care about the business if the owner don't care
i fear if i change something now i may get an issue, so i will just keep everything as it isBecause you have changed the situation from what it was before. Before you upgraded to AD, the account was local, limiting liability only to that machine. Now if SQL is hacked, they potentially have full access to your entire network.
Making my suggested change will at least get you mostly back to the previous state, but not fully.
-
ok i do what you told me but i have to restart the SQL service so that the new logon account will take effect, when the HR Dept finish working with the payroll application then i can restart it
-
@IT-ADMIN said:
ok i do what you told me but i have to restart the SQL service so that the new logon account will take effect, when the HR Dept finish working with the payroll application then i can restart it
Sounds like a good plan
-
@Dashrender said:
@IT-ADMIN said:
ok i do what you told me but i have to restart the SQL service so that the new logon account will take effect, when the HR Dept finish working with the payroll application then i can restart it
Sounds like a good plan
thank you Sir
-
Glad to hear that everything is back up and working. Did anyone notice very much?
-
@scottalanmiller said:
Glad to hear that everything is back up and working. Did anyone notice very much?
hhhhh, no, the problem was solved silently
-
@IT-ADMIN said:
@scottalanmiller said:
Glad to hear that everything is back up and working. Did anyone notice very much?
hhhhh, no, the problem was solved silently
That's what I was wondering. Good deal.
-
You had an entire day of downtime on this and no one noticed?
-
i didn't contacted the technical support, otherwise the issue will spread out
fortunately i was able to solve it by your advises