I am trying to find out how to hide/obscure a password in SQL server. Currently the passwords are being held as a text field, which means that anyone who queries the table or just opens it can see everyones passwords.
Is there some way of hiding this? I have been searching for ages and can't seem to find anything.
Thanks
I am setting up several isql job in Enterprise Manager and as a cmdexec job I need to pass the user id and password( -P). I shtere any way not to pass this as text and perhaps hide/encrypt it since any one who opens the task scheduler and looks at the job can read the password?
Thanks.
DAvid Spaisman
Hi,
I have connectionstring inside my script component, but I want to encrypt/hide it... how do i do that in ssis?
Dim cn As SqlConnection
Dim SQLCmd As SqlCommand
Dim dr As SqlDataReader
cn = New SqlConnection("Server=localhost;user=sa;pwd=test;database=test")
cherriesh
I have a package protected by a password - I am already unhappy that to get it to use the configuration file to change connection strings for the production servers I have had to hardcode the password into the config file - very insecure!
However, the package now deploys correctly to the production server and will run from there OK, but NOT if scheduled as a SQL Server Agent Job. Thus is because however often I edit the command line to include the password after the DECRYPT switch (which it has prompted me for when I click on the command line tab), the Job Step will not retain it.
If I open it up after I have edited it and closed it, the password has disappeared.
I know that if I run dtexec plus the code in the Command Line tab (with the password), the package runs OK.
This is driving me insane!
I have read all the other posts and so I tried replacing the SSIS package step with a CmdExec step and pasting that code into there - then I get an OLEDB error..
The code I use is:
DTEXEC /SQL "ImportRateMonitoringTables" /SERVER servername /DECRYPT password /CONFIGFILE "D:Microsoft SQL ServerSSISDeploymentsRateMonitoringImportTasksDeploymentImportRateMonitoringTables_Production.dtsConfig" /MAXCONCURRENT " -1 " /CHECKPOINTING OFF /REPORTING E
and I get
SSIS Error Code DTS_E_OLEDBERROR. An OLE DB error has occurred. Error code: 0x8000FFFF
although the same code executes perfectly from a command prompt.
Please does anyone have any experience with a similar problem and if so, how did you get round it?
Thank you
I tried to install an ALLDATA database which run with SQL Server 2005 express edition. The data base fails to install becase of the following code that come up which is related to AS password requirement. The error that come up is:
TITLE: Microsoft SQL Server 2005 Setup
------------------------------
The sa password must meet SQL Server password policy requirements. For strong password guidelines, see Authentication Mode, in SQL Server Books Online.
For help, click: http://go.microsoft.com/fwlink?LinkID=20476&ProdName=Microsoft+SQL+Server&ProdVer=9.00.2047.00&EvtSrc=setup.rll&EvtID=28001&EvtType=sqlca%5csqlcax.cpp%40SAPasswordPolicyCheck%40SAPasswordPolicyCheck%40x6d61
------------------------------
BUTTONS:
&Retry
Cancel
------------------------------
I am trying to install this database in a network server operating under Windows Server 2003 R2 with SP2. If anyone knows how to solve this problem, please let me.
Thanks,
Amilcar
Hi everybody
In my web application I am using SQL Server 2000. But as we all know, its presence in the network is visible to all the clients in the network. Anybody who has SQL Server client installed and knows the password of the database would be able to access DB remotely and this is what I don't want. I want user to access my database only when they are loggedon on physically (directly) on the machine on which SQL Server is installed.
Your replies are awaited.
Thanks in advance.
Regards,
Zulfiqar Dhuka
I have an internal Project Management and Scheduling app that I wrote internally for my company. It was written to use MySQL running on a Debian server, but I am going to move it to SQL Server 2000 and integrate it with our Accounting software. The part I am having trouble with is the user login portion. I previously used this:
PHP Code:
$sql = "SELECT * FROM users WHERE username = "$username" AND user_password = password("$password")";
Apparently the password() function is not available when accessing SQL Server via ODBC. Is there an equivalent function I could use isntead so the passwords arent plaintext in the database? I only have 15 people using the system so a blank pwd reset wouldn't be too much trouble.
I would like to know if it's possible to embed a SQL Server 2000/2005 DBwithin a desktop application so that the end users cannot view the DB.Also, this will prevent them from copying the database on to their otherSQL Servers.Also, what are the options to load SQL Server 2005 on Win 98*** Sent via Developersdex http://www.developersdex.com ***
View 2 Replies View RelatedDear All,
I m using mssql server 2005, when i create a user account for mssql and then use this account to login via management studio. It will show all the system databases and other client databases. How can i hide those databases and allow the client to see their own databases.
Regards,
Ricky
Say I want to search for a range of account numbers but only which are active. After I set my field for A (active) this field shows in my results, I dont want it to.
In Access you can easily just uncheck that field in design view, but how do I do it in sql?
I have written a SQL statement.There is a table called customer.It contains all customer data with customerid as PK.There is another table called logs and it contains customerid as foreign key and it contains a field to keep more than 90 days older user accounts.That field name is "Checked"
What I need get all records from these 2 tables and remove/hide more than 90 days older customers from record set.See my illustration.
I have written this code but I dont understand how to remove more than 90 days older user from result (because customer table doesnt contain a record called "Checked")
SELECT *
FROM [dbo].[Customers],[dbo].[VIESLog] WHERE [dbo].[VIESLog].[Checked] < DATEADD(day, -90, GETDATE())
I need to set up 1 new user in SQL Server 2005 to be able to read specific tables in a db (db1).
The user will connect from MS access using odbc links (SQL Native client ot SQL Server driver)
I've tried to set up one and once logged on from the user workstation, I can only see sys. tables and INFORMATION_SCHEMA tables.
None of the required db1 tables appear.
under Security/Logins I've created User1:
SQL Server auth. with password
default db = db1
server_roles = none
user mapping = map, db1, user1,dbo
securables = none
status = grant, enabled
on the access db, the odbc link was set up with default db = db1
Why can't I see any of the db1 tables?
How can I restrict access to the sys. tables?
Thank you
I have connected to Database using my credentials by checking remember password option. After few days I forgot my password. How can I recover the password as SQL remember it. Is there any way to recover my password instead of resetting it.
View 3 Replies View RelatedI am receiving the following error message when attempting to create a new SQL Authenticated login id.
Password validation failed. The password does not meet the requirements of the password filter DLL. (Microsoft SQL Server, Error: 15119)
I have four servers all running SQL Server 2005 SP2 on Windows 2003 Ent. SP1. Of the four servers, only one received the above error message using the same TSQL below.
CREATE LOGIN TEST_LOGIN WITH PASSWORD = 'pvif9dal' MUST_CHANGE, CHECK_EXPIRATION = ON
All four servers are in the same domain, which if I understand correctly, the password policies are therefore inherited at the OS level by the domain. The password being used is within the password policies of the domain.
Any ideas as to a root cause?
On the login prompt for Report Server, there is a checkbox option to "Remember my Password." I check this, login successfully... but when returning to the Report Server, I am again prompted for the password, although the user name is saved. No matter how many times I do this, the password will not save in IE7. I have tried this on 3 different computers with IE7. In IE 6, I do not even get the checkbox as an option, just the user name/password prompt. In Firefox, the password saves fine. Any ideas what would be causing this?
Thanks,
Brian
I have a complicated question that involves the password policy defined within Windows Server 2003 and how it is used in Microsoft SQL Server 2005. I recently installed windows server 2003 on my development system. I am a person that prefers to develop in the same OS that our application runs in production. After installing 2003, then a Domain administrator added my machine to our corporate domain. Now, I cannot change the local password policy to allow a simple password. I believe this is due to policy inheriting from the domain that the machine belongs to.
This ties back into SQL Server 2005 because installing sql server on a Server 2003 causes SQL Server 2005 to follow the password policies defined at the OS level. This breaks our application in a subtle way in that we create login accounts for new client databases with random password. Because the password is random it sometimes conforms to the policy and sometimes not.
In production environments, the password policies are configured differently. So I need to one of the following options:
-change the group policy/inherited policy on my machine to not inherity from the domain I joined (prefered solution but don't know HOW)
-change SQL Server to not use OS password policy
-change code to use CREATE LOGIN statement with CHECK_POLICY=OFF or change password generation code to use a stronger password. (don't want to do this as the code change is only accomodating non-production environments)
If someone has a better place to post this question, I would sure appreciate it.
I put this together to export the user name /password to a csv file to test my SP to output the user name/password.
DECLARE @user_name varchar(50)
DECLARE @psswrd varchar(10)
SELECT @user_name ,@psswrd
FROM ngweb_bulk_enrollments
EXEC master.dbo.xp_cmdshell 'bcp NGDevl.dbo.ngweb_bulk_enrollments out C: est.csv -Sserver1 -T -t, -r
-c'
This works but I don't get the headers in the file. How can I include the headers?
Hi,I have developed site which has a resource file which connects to sqlserver using login name and password.Now my client doesn't want me to login to production database. bu the packing of the system is with me. is there any way to solve this issuse so that i can package the software without knowing database login name and password.TIAAmit
View 2 Replies View RelatedI read in Computer Weekly (Jan 6th 2000) about a bug in SQL Server 7. This means that any user can get hold of the administrator (sa) password.
Does anyone know anything more about this ??
thanks
Paul
Hi,
I reset user passwords on SQL Server 6.5 when users forget them. How can I do this without
using Enterprise Manager? Is there a stored procedure that I can call from iSQL?
Thanks,
girija
Hi All,
we plan to change SA password and there are 2 servers running on replication.
what are the precautions that i have to consider?
what is the fallback plan should changing SA password causing other error/ bugs?
can somebody tell me the exact steps to change SA password for this kind of environment?
thanks in advance.
-Nonie
Nonie
This has to be a simple question for most of you, so here goes.My passwords for sa and another login that I created keep resetting.How can I turn off password expiration in SQL Server 2000?Thanks!MB
View 4 Replies View RelatedDear All,
Greets for the day,
This is the first time I am using SQL Server 7.0 on a bussiness machine, I need to apply password on the database, OS is windows XP professional, need u r help on this.
Hello guys,
I have developed a stored procedure that create linked server. The problem is:
to crearte the linked server I need to pass user and password. How can I pass user and password in a encrypted way.
I think that if the stored proc execute: addlinkedserver procedures with user and password, these are readable to everybody with sniffer or SQL profile.
How can I pass encrypted password to SQL server engine to create a linked server?
Thank
Hello guys,
I have developed a stored procedure that create linked server. The problem is:
to crearte the linked server I need to pass user and password. How can I pass user and password in a encrypted way.
I think that if the stored proc execute: addlinkedserver procedures with user and password, these are readable to everybody with sniffer or SQL profile.
How can I pass encrypted password to SQL server engine to create a linked server?
Thank
I am in a panic right about now. We had to change the Admin (server) password and it is working fine to log on to Windows, but when I click on IE and navigate to the report server, it is asking me for the old password still. I am new to SRS, so I am learning as I go. I found some threads on using the rsconfig.exe and I fiddled around in it and now (in addition to requesting the old password to log on to the report server) all of the reports I created have a user name and password field that requires the SA password for connecting to the data source.
Is there any way I can fix this or do I just need to uninstall SRS from the server and re-install it? I found the following thread, but am a little skiddish about doing anything else in light of the current state I put the report server in.
https://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=1031391&SiteID=1
Any suggestions?
Hi guys,anybudy know the thing as title?And does sql server has the func. to transfer plain txt to encryt. text? Cheers, Elton
View 2 Replies View RelatedHow do you change the SA password in SQL Server 2005?
Thanks.
Doug
Hi,
Does anybody know how to migrate the user's password along withe user names from one sql 7 server to another?
Thanks,
Jim
What issues will I encounter if I change the MSSQLSERVER password?
View 2 Replies View Relatedhi folks,
has anyone experienced this issue?
When one changes the login password for XP, all the SQL Server groups are removed the next time you log into SQL Server 2000.
Is this a bug or a security feature, is there any way around it?
thanks for any help!
I have forgotten password of user sa in sql server 2005.
But if authentication is window . I still login, and do work normal.
So how to solve problem ,if authentication is sql server.
Thank you very much.
Hi Guys,We've lost the password for the sa. No other users belong to the admingroup. I've tried logging in using osql -E (windows authentication)without success. Is there anyway to reset the sa password? The databaseis MSDE and the version seems to be 7 (sql server 7 folder on pc). Itis running on Windows 2000 professional.Any help would be greatlyappreciated.Regards,Eddie
View 2 Replies View Related