For one of my clients, it was the time to say good bye to SQL 2000. It has been already late to say it but now they are upgrading everything to latest technology, including virtual servers on SAN storage, 2K8R2 etc. and SQL 2008.
I did not want to do an in-place upgrade of 2k3 server and SQL, but restore the database to a fresh 2K8R2 server. Test platform was ready - thanks to virtualization it is so easy to get new servers going - and moving the database was smooth. Everything was good till we start the app, then
18456 severity: 14 State: 8 - Login failed for user 'xxxx' [CLIENT:xxx.xxx.xxx.xxx]
This system is coming from the days where most of the computers did not have a virus guard. The password is not complex so no way we could typed it wrong 100s of times. However, going around that till mid night did not resolve the issue.
In the morning went through all the events with a fresh mind. With all the knowledge gathered from posts in the web it became clear what the issue was. Looking at the binaries confirmed the suspicion, and with a single change it started working.
SQL Server 2000 passwords are not case sensitive. The database had a mixed case password, which is hard coded in the app. After migration, password was set to all lowercase, just like it was typed. Admins were using the password in lowercase for all those years! When passwords become case sensitive by default in newer version, it did not work anymore.
Today, we don't even thinking of hardcoding passwords. We want the user name to be case sensitive let alone the password. We failed to grasp that it was the norm just a few years back. Times are changing and we are forgetful.
No comments:
Post a Comment