This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

change replica login password? (mssql server)

Posted on 01-06-2025 06:23 AM
cbuckley
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

As part of our security policy, we need to change login passwords. I was able to do that on the main instance but on our replica, I cannot change passwords. There is no option in the console and trying to do it using the alter login command results in an error that I do not have permission to change the password, even though I am logged in as the sqlserver user. 

Is there a workaround? this is a pretty major hole in the process

SQL Command:  ALTER LOGIN sqlserver WITH PASSWORD='xxxxx' OLD_PASSWORD='xxxx';

Error: 

Msg 15151, Level 16, State 1, Line 3
Cannot alter the login 'sqlserver', because it does not exist or you do not have permission.

screenshot below of consoleCannotChangeSqlLoginPassword.png

1 2 201
Topic Labels
2 REPLIES 2

Posted on --/--/---- --:-- AM
-Rhett
Staff
Reply posted on --/--/---- --:-- AM

Hi @cbuckley,

When using replicas on Cloud SQL, there is a known limitation where logins created after the replica is created won’t be propagated to the replica. However, you can try this workaround to manually create the logins in the replica:

  1. Create a login in your primary instance using Cloud SQL or using TSQL command
  2. Grant the required permissions in the database at primary instance
  3. Run this TSQL query at the primary instance to get the SID of newly created login
    select sid,name from sys.syslogins where name=[*loginname*]
  4. Create a login in the replica by executing this TSQL query using SQLserver or any other login which already exists in the replica and have ALTER ANY LOGIN PERMISSION.
CREATE LOGIN [*loginname*]
WITH PASSWORD = '[*password*]',
SID = [*SID_from_step_3*];

If you’re still getting the same error, try the troubleshooting steps on this Stack Overflow thread, or this thread from the Microsoft Community Hub by jose_manuel_jurado.

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.

Posted on --/--/---- --:-- AM
cbuckley
Bronze 3
Bronze 3
In response to -Rhett
Reply posted on --/--/---- --:-- AM

The login already exists. Its the sqlserver user/login that I cannot change the password to. This is a major security issue. As the super user of the server google has provided, it absolutely should have the ability to change its own password on the replica. I have already change the password on the primary and now we are out of sync

0 Likes
Top Solution Authors
View all