If you use SQL Server Authentication, also known as Standard Security, to install the products listed in the "Applies to" section, the system administrator (sa) password may be stored in clear text, or in an encrypted readable format in the SQL Server Setup files. Also, if you configure SQL Server Services by using a domain account, the domain account password may be written to the Setup.iss file in a weakly encrypted format.
Note Microsoft SQL Server 2000 Service Pack 3 (SP3) or later versions use encryption on the included passwords in these files. This encryption helps improve security. However, we still recommend that you remove the encrypted passwords or the installation files that contain the passwords if they are no longer required.
SQL Server 7.0
The sa password or the domain account password is saved in a clear text or a weakly encrypted format in the Setup.iss file in the %Windir% folder.
Note The %Windir% folder will also vary if the original installation was completed through a Terminal Server connection. A copy of this file is created in the %SystemDrive%\MSSQL7\Install\or\Tools folder when the Setup program finishes.
The password information may also be included in the Sqlstp.log file and in the Sqlsp*.log file. These files exist in the %Windir% folder and the Temp folder. The %Windir% folder will also vary if the original installation was completed through a Terminal Server connection. On Microsoft Windows 2000-based computers, the Temp folder is set under the Environment Variables on the Advanced tab of the System Control Panel.
SQL Server 2000
The sa password or the domain account password is saved in an encrypted, but readable format in the Sqlstp.log, Sqlsp.log and the Setup.iss files in the :\Program Files\Microsoft SQL Server\Mssql\Install folder for a default installation. Note that the Mssql folder may be MSSQL$InstanceName for a named instance installation. The Setup.iss file for SQL Server 2000 uses an Access Control List. Therefore, only Windows NT administrators and SQL Server administrators can access the file.
SQL Server 2000 also includes the ability to natively install on a Windows Clustered server. The remote cluster Setup log files are Remsetup.ini and a remote install script file that is similar to the Setup.iss files for each remote node. These remote install script files are named RemoteComputerName.iss. These files are also stored in the %Windir% folder and are ordinarily deleted when the Setup program finishes. However, these files may potentially be left behind if the cluster setup experiences a failure.
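The file names and folders listed above can be turned into a read-only inventory, so you know which leftover setup files exist and who can reach them before you clean or delete anything. This PowerShell script is an added example, not Microsoft code and not part of Killpwd.exe; it assumes SQL Server 2000 was installed under the system's Program Files folder, and the list of expected principals is an assumption to adjust for your environment.

```powershell
# Added example: read-only inventory of leftover SQL Server setup files.
# It lists files and their ACL entries; it never opens or modifies the files.

# File names from the article. *.iss covers Setup.iss and RemoteComputerName.iss,
# and can also match unrelated .iss files, so review the output.
$patterns = 'Sqlstp.log', 'Sqlsp*.log', 'Remsetup.ini', '*.iss'

# Folders from the article. Assumption: SQL Server 2000 lives under Program Files
# (the article does not give the drive letter).
$shallow = @($env:windir, (Join-Path $env:windir 'Temp'), $env:TEMP)
$deep    = @((Join-Path $env:SystemDrive 'MSSQL7'),
             (Join-Path $env:ProgramFiles 'Microsoft SQL Server'))

# Principals expected to hold access (assumption; adjust as needed).
$expected = 'BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM', 'CREATOR OWNER'

function Find-SetupFile {
    param([string[]]$Folder, [switch]$Recurse)
    foreach ($dir in ($Folder | Where-Object { $_ -and (Test-Path $_) })) {
        # Without -Recurse, -Include only takes effect on a wildcard path.
        $target = if ($Recurse) { $dir } else { Join-Path $dir '*' }
        Get-ChildItem -Path $target -Include $patterns -File -Force -Recurse:$Recurse -ErrorAction SilentlyContinue
    }
}

# %Temp% can sit inside %Windir%\Temp, so de-duplicate by full path.
$found = @(Find-SetupFile -Folder $shallow) + @(Find-SetupFile -Folder $deep -Recurse) |
    Sort-Object -Property FullName -Unique

$report = foreach ($file in $found) {
    $acl = Get-Acl -LiteralPath $file.FullName -ErrorAction SilentlyContinue
    if (-not $acl) { continue }   # skip files whose ACL cannot be read
    # Allow entries granted to principals outside the expected list.
    $extra = $acl.Access |
        Where-Object { $_.AccessControlType -eq 'Allow' -and
                       $expected -notcontains $_.IdentityReference.Value } |
        ForEach-Object { $_.IdentityReference.Value } | Sort-Object -Unique
    [pscustomobject]@{
        Path            = $file.FullName
        LastWritten     = $file.LastWriteTime
        Owner           = $acl.Owner
        OtherPrincipals = $extra -join '; '
    }
}
$report | Format-Table -AutoSize -Wrap
```

Run it from an elevated prompt; a non-empty OtherPrincipals column marks a file that accounts outside the expected list can reach.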
To resolve this problem, use one of the following methods:
- Use Microsoft Windows NT Security Authentication to install the original release version of SQL Server or a service pack. Then, use the LocalSystem account when you configure the SQL Services. This method avoids this
- Change the SQL Server sysadmin (sa) password and the SQL Service domain account password after you install the service pack.
- After you install the products that are listed in the "Applies to" section, you must run the Killpwd.exe utility to clean the setup files. The Killpwd.exe utility works for SQL Server 7.0 and for SQL Server 2000.
Note Previously, Microsoft released an update for SQL Server 7.0 (MSDE 1.0) Service Pack 2 and for SQL Server 7.0 Service Pack 3. However, you do not have to use the updates because the updated Killpwd.exe utility supersedes the previous updates.
Killpwd utility instructions
Microsoft has created a command utility, Killpwd.exe, to search the Microsoft SQL Server Setup files for the sa login password. If the Killpwd.exe utility finds an occurrence of the password, the sa password is removed from the log file in basic mode operation. By default, the tool searches the Sqlsp.log, Sqlstp.log, and Setup.iss files in the %Windir%\Temp and %Temp% folders, where %Windir% and %Temp% are environment variables defined by Microsoft
Microsoft has updated the Killpwd.exe utility to include more locations where the setup files that remote and cluster installations create are located. In some scenarios, these files may have names or paths that vary from the defaults. These variants are the following:
Download and then run the latest Killpwd.exe utility from the link in this article. The new version includes the ability to specify locations other than the default location to find all possible versions of these files. You can also specify remote locations.
For more information about these log files and unattended installations, see your SQL Server documentation. If you create an *.iss file to perform unattended installations, you must copy the *.iss file to a security-enhanced location that is not in searchable folders.
Note These setup information files are also left behind when you remove SQL Server. This behavior is by design. This behavior lets you troubleshoot why an installation might have failed if you are forced to roll back and lets you use an ISS file to reinstall this instance or other instances. In this case, this instance of SQL Server is clearly no longer available to take advantage of. However, the nature of passwords is such that you might have used the same password for another instance of SQL Server that has not yet been removed.
To run the Killpwd.exe utility, use one of the following methods:
- Double-click Killpwd.exe.
- Run Killpwd.exe at a command prompt.
If you run Killpwd.exe at a command prompt, you receive more information.
Note At a command prompt, you can use the following parameters:
Killpwd.exe /?
To specify a non-default search path and file
For SQL Server 2000, you must specify the location of the Setup.iss file if you want to remove occurrences of the sa password. The Setup.iss file for SQL Server 2000 is located in :\Program Files\Microsoft SQL Server\Mssql\Install folder for a default installation. Note that the Mssql folder may be MSSQL$InstanceName. If you will use the Setup.iss file later to perform an unattended installation of SQL Server, do not run Killpwd.exe on the Setup.iss
You may receive the following messages:
Steps to run the Killpwd.exe utility
To run the Killpwd.exe utility, follow these steps:
- Download and extract
The following file is available for download from the Microsoft Download Center:
Download the Killpwd.exe package now.
Release Date: June 14, 2005
For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.
How to obtain Microsoft support files from online services
- Run the self-extracting executable file to extract the package. During the extraction process, you are prompted to specify a destination folder for Killpwd.exe.
- In Windows Explorer, move to the folder you specify in step 2. Double-click Killpwd.exe to run the program. Or open a command prompt, and then enter the path of Killpwd.exe to run the executable.
The following command-line parameters are available in the new version of Killpwd.exe:
|/? /H /Help||Display Killpwd tool help text.|
|/F /File||Scan a specified file for passwords and then remove the passwords.|
|/P /Path||Scan the files in a specified folder for passwords and then remove the passwords.|
|/Nologo||Suppress the logo information output.|
|/R||Enable recursive mode. All files and subfolders of the specified folder will be scanned and cleaned.|
|/N||Enable scan-only mode. Files will be scanned but passwords will not be removed. This parameter is used to create a list of changes that the utility would make. You can use this list to review the changes for correctness before you actually make the changes.|
|/V /Verbose||Enable verbose mode logging.|
You must have Windows Administrator rights to run the utility.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
For more information about how to download and to install the latest SQL Server service pack, click the following article numbers to view the articles in the Microsoft Knowledge Base:
How to obtain the latest SQL Server 7.0 service pack
How to obtain the latest SQL Server 2000 service pack
For more information, contact your primary support
The Sqlsp.log file is used to track the installation progress and to troubleshoot service pack installation
For more information about how to determine which folder Windows is installed in, click the following article number to view the article in the Microsoft Knowledge Base:
How to determine which folder Windows is installed in