SQL Dumbass

Fighting dumbasses, one query at a time…

Rah Rah Sis Boom SAaaaaaaaa

Chalk this up to the Third-Party Vendors Suck Department:
When are these flies on the potato salad at the IT Picnic going to get it through their Red Bull-addled brains that SA is off limits?  I had to deal with a webex session only for the point of entering the password into a textbox on a form for a combined application/database installation.  The password was not displayed as plain text (good), but the installation failed.  The failure was a blessing to me; we started troubleshooting the failure and determined the password for the SA login was stored in plain text in 3 separate log files and 2 batch files.

Furthermore, the database installation could have been handled separately by supplying a batch file with the associated .sql files it called to the DBA with instructions.  Ultimately, the process did not even require SA rights, but only the ability to create a database and a login.

I give this vendor credit though.  The did ask after the fact what my recommendations are for the install process and agreed that the pwd issue was unacceptable.  (This was of course our Sales Rep on the account though so that may be a case of “Make the Customer Feel Good.”)

So, now I am going through all 90 SQL instances changing the SA password. (A dumbass move on my part for having the same pwd for SA on each SQL instance.)

There is an old Chinese proverb:  “Do not use an ax to remove a fly from your friend’s face.”  Think that applies?