Is It Possiable To Store Password Encrypted To An External Config File?
Jun 2, 2006
I got a problem when developing SSIS packages.
For security reason, the sensitive information must be encrypted, and they should be configurable dynamically (by an ASP.NET application).
so I tried several ways to achieve this,
1. use SSIS Package Configurations to generate an XML config file
It's a convenient way to generate config file. but the passwords are not encrypted (or I don't know how).
2. use Variables and Property Expressions
I can set variables by reading from an external custom xml config file which was content encrypted (read and decrypt the custom config file in a script task). but in a FTP Connection Manager entity, the Password property can not be set via Property Expressions.
Is any way to store password encrypted to an external file?
View 1 Replies
ADVERTISEMENT
Apr 20, 2005
Hi everyone,
I am currently reading ASP.NET unleashed and practising few examples. The following code converts a user's text into a symmetric encryption:
'nd: define keys
Const DESKey As String = "ABCDEFGH"
Const DESIV As String = "HGFEDCBA"
'nd: convert string to byte array
Function convert2ByteArray(ByVal strInput As String) As Byte()
Dim intCounter As Integer
Dim arrChar As Char()
arrChar = strInput.ToCharArray
Dim arrByte(arrChar.Length - 1) As Byte
For intCounter = 0 To arrByte.Length - 1
arrByte(intCounter) = Convert.ToByte(arrChar(intCounter))
Next
Return arrByte
End Function
Private Sub btnGo_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnGo.Click
Dim arrDESKey As Byte()
Dim arrDESIV As Byte()
Dim arrInput As Byte()
Dim objFileStream As FileStream
Dim objDES As DESCryptoServiceProvider
Dim objEncryptor As ICryptoTransform
Dim objCryptoStream As CryptoStream
'convert string to bytes
arrDESKey = convert2ByteArray(DESKey)
arrDESIV = convert2ByteArray(DESIV)
arrInput = convert2ByteArray(txtInput.Text)
objDES = New DESCryptoServiceProvider
'pass keys
objEncryptor = objDES.CreateEncryptor(arrDESKey, arrDESIV)
'create to file to save password
objFileStream = New FileStream(MapPath("secret.txt"), FileMode.Create, FileAccess.Write)
'pass in file and keys
objCryptoStream = New CryptoStream(objFileStream, objEncryptor, CryptoStreamMode.Write)
'pass in text
objCryptoStream.Write(arrInput, 0, arrInput.Length)
objCryptoStream.Close()
lblDone.Text = "Done!"
End Sub
It works fine. But, how to i save this encrypted password into a database field instead of a writing it to a file? Also, could some please tell me how to paste code into this forum? I tried <code></code> tags but it did not work.
Many thanks,
Kevin
View 9 Replies
View Related
Feb 6, 2006
Hello,
I'm having an issue with a CLR Stored procedure. Everything works great in a 32 bit environment, I have a CLR SP that updates an xml file stored on a local drive. When I execute the Stored proc it does go and update what I want it to in a 32 bit system. When I run the CLR SP on a 64 bit cluster, I seem to have give the "everyone" group write permissions to my G: drive (which is where the file is located that I'm updating). What security context is this SP running under? I thought it would be either under the SQL Service account (which is a domain user in the local administrators group) or what I'm logged in as when I run it from Management Studio (which is a domain admin, also in the local administrators group). If I have given the local administrators group "Full Control" access to the G: drive, why isn't this enough? Why do I have to give the Everyone group write access?
The security context seems odd to me, it seems like it's not running as either one of those 2 users I mentioned, because if it was, then it should be able to update the xml file.
Any help appreciated. Here's the error I'm getting:
Msg 6522, Level 16, State 1, Procedure usp_XMLWriter, Line 0
A .NET Framework error occurred during execution of user defined routine or aggregate 'usp_XMLWriter':
System.UnauthorizedAccessException: Access to the path 'g:ssisPackagesBuildCalendarandy.dtsConfig' is denied.
System.UnauthorizedAccessException:
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share)
at System.Xml.XmlTextWriter..ctor(String filename, Encoding encoding)
at System.Xml.XmlDocument.Save(String filename)
at XMLWriter.StoredProcedures.usp_XMLWriter(String xmlDocPath, String xmlNodePath, String xmlInnerText)
.
View 3 Replies
View Related
Nov 6, 2006
Hi
Config files doesn't seem to work for me :( i want to make a common config file for all of my packages but it is giving me error
Validation error. The AcquireConnection method call to the connection manager failed with error code 0xC0202009
I have placed pasword in my config file too. Following is config file which i m using, server name n password are masked.
<?xml version="1.0"?>
<DTSConfiguration>
<DTSConfigurationHeading>
<DTSConfigurationFileInfo GeneratedBy="SSBKD955688" GeneratedFromPackageName="DTS_ACPM_MarkIT_Indices_Composites_TRAC_X_Asia_Index" GeneratedFromPackageID="{CB3660A1-5E6C-4D08-A7F5-4D6CE83578E2}" GeneratedDate="2006/10/19 14:05:20"/>
</DTSConfigurationHeading>
<Configuration ConfiguredType="Property" Path="Package.Connections[ssmgn838.ACPM.acpmuser].Properties[ConnectionString]" ValueType="String">
<ConfiguredValue>server=########;user id=sa;password=******;database=ACPM;
</ConfiguredValue>
</Configuration>
<Configuration ConfiguredType="Property" Path="Package.Connections[Text File (Source)].Properties[ConnectionString]" ValueType="String">
<ConfiguredValue>C:acpmfiletouploadCopy of ACPM_MarkIT_Indices_Constituents_Composites_1_ITRAXX_ASIA.tab
</ConfiguredValue>
</Configuration>
</DTSConfiguration>
View 3 Replies
View Related
Sep 2, 2015
Currently have a single hard coded file path to the SSRS config file which parses the file and provides the reporting services web service url. Â My question is how would i run this same query against 100s of servers that may or may not share the same file path as the one hard coded ?
Is there a way to query the registry to find the location of the config file of any server ? which could be on D, E, F, H, etc.Â
I know I can string together the address followed by "reports" and named instance if needed, but some instances may not have used the default virtual directory name (Reports).
Am I going about this the hard way ? Is there a location where the web service url exists in a table ? I could not locate anything in the Reporting service database. Basically need to inventory all of my reporting services url's.
View 2 Replies
View Related
Apr 9, 2007
when we built the login control by built in login control of vs2005 the passwords are saved in the database which is automatically created.how can i get the unencrypted form of these passwords from database.
View 2 Replies
View Related
Jan 8, 2008
Hi,
I wonder if it is possible to retrieve encrypted password somehow?
Like I have saved password (blueRays) in encrypted formate. How can I retrieve it "where password='blueRays' "?
Regards
View 4 Replies
View Related
Jul 2, 2007
How can I unencrypt an encrypted password in sql 2005?
View 8 Replies
View Related
Feb 6, 2003
I have a USERS table on an SQL Server 2000 with two fields, USER_NAME AND PASSWORD, and I want to encrypt the passwords when I stored them on the table.
I used {Encrypt N ‘MyPassWord’} to encrypt the password and it looks that the passwords have been encrypted.
Went, however, I execute a SELECT statement for a specific password all passwords are returned.
This is a small sable code:
------------------------------------------------------------------------------------------------
CREATE TABLE dbo.Users
(
User_Name nvarchar (10) NOT NULL ,
PassWord nvarchar (50) NOT NULL
)
GO
INSERT INTO USERS (User_Name, PassWord)
VALUES ('MyName', {Encrypt N 'MyPassWord'})
GO
INSERT INTO USERS (User_Name, PassWord)
VALUES ('YourName', {Encrypt N 'YourPassWord'})
GO
SELECT * FROM USERS
WHERE PassWord = {Encrypt N 'MyPassWord'}
(2 row(s) affected)
-------------------------------------------------------------------------------------------------
Unfortunately both (All) rows are return
Is it any way to encrypt password and be able to select them?
Is it any other way to encrypt data into the database?
Thank You
Elias
View 1 Replies
View Related
Nov 20, 2014
I Forgot for my longtime used home expense update application password which has backend sql expressedition database.
i was used the application before 3 years, unfortunately i stopped updating my home expendature to the software.and now i require to login the application but i dont how reset the password in db, i have open database include tables of users profile. and password, but its encrypted.
View 1 Replies
View Related
Jan 11, 2006
Hi guys...
My question....
I built an vb.net app that set some parameters and runs a store proc. Besides, the vb.net app creates an user with admin rights, his credentials: username and password are stored in DB.
I thouth to encrypt password with hash + salt method.
The problem....
Hashing password means that they are not decrypted ...only compared ..and here the problem....I would like to reuse this password to be used in the addlinked server store proc and other sql statement.
How can I Manage encrypted password to be used later...
thank for any suggestion....
View 1 Replies
View Related
Apr 9, 2007
I have multiple databases, one for each client. I created a master report. Then I created links to this report for each client database in separate client-specific folders. I parameterized the connection string so that the server name and the database name are parameters of the linked report. The connection string is: ="data source=" & Parameters!SrvrName.Value & ";initial catalog=" & Parameters!DbName.Value.
The problem is that the security for now is Windows Authentication. (We are in the testing phase). However, my users will be both internal (company) and external (client) users. We do not want to set up database user IDs for each client user. I could create a single SQL account that has read access to all databases, relying on the Reporting Services security. But I would prefer to create separate SQL accounts for each database as the information is sensitive. Then I would probably pass that information in as a parameter to the report as well. Either way, I would have to include the password somehow. But, if I do that, I'm not sure how to include the password parameter. I would like it to be secure and passing it in as a parameter is not very secure.
I would really appreciate some suggestions on how to proceed.
View 1 Replies
View Related
Jan 14, 2005
Hello,
I have a simple .NET page that asks the user to create a new account. One of the fields on that page is 'Password'. I store the password in a SQL 2000 Database. However, it appears in the database as clear-text.
Is there a way to encrypt this so it doesn't appear as clear-text in the DB?
Thanks!
Jason
View 1 Replies
View Related
Nov 22, 2006
Can somebody pls guide me on how i can Store & Retrieve Encrypted Username and Password Hashes.
I want to know following :-
1. I'm doing all the encryption and calculating password hashes on client side (VB), which i want to store in SQL Database when a new user account is created. I want to know what data types to use in Database. I will prefer not to use strings at all on client side due to secruity issues, i want to do all transfer in bytes -> to and from SQL server. How i can do that
2. How the connections can be made encrypted or more secure when doing these communcations.
3. I want to know if this is the right approach or to use the built in features of SQL Server 2005, main reason for not using that is that not all Encryption and Cryptography are supported...
pls help me on this as i'm fairly new to this.
View 8 Replies
View Related
Oct 1, 2007
Hello
SQL Server 2000 Enterprise Edition SP3
I have an application which uses a login with an encrypted password. Everything works well, no errors in the application.
My SQL Server errorlogs keeps recording:
Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.
I know this message is related to the login with the encrypted password (tracked it with Profiler)
My question: Is it normal that the error log tracks this message because the password is encrypted?
Many thanks!
Worf
View 1 Replies
View Related
Oct 16, 2015
I have created a FTP task in SSISÂ to upload file to the server. Due to some policy issues we do not have the actual password with us. we have been provided with a encrypted password. Hence I am not able to connect to the server through the FTP task connection manager. Is there a way to connect to the server and send file using the encrypted password, so that we don't require the actual password to run the process successfully?
View 3 Replies
View Related
May 14, 2007
Hi,
In BI Tool SSIS Packages run fine and get data From Oracle and Save it in SQL Server.
Package Protection Level is EncryptSensitivewithPassword.
In BI tool when i open the package it ask password and then run fine.
If i change the Protection Level to Dont save Sensitive,
It does not run fine in even BI tool.
It is fine if i use EncryptSensitivewithPassword.in BI Tool and run it.
Now the problem is that i need to run this package through SQL Job.
so Job give error
"Failed to decrypt an encrypted XML node because the password was not specified or not correct. Package load will attempt to continue without the encrypted information."
Please i need help ?
Thanks
View 7 Replies
View Related
Dec 22, 2005
Hi,
I wanted to know if there was any way of setting the SMTPAuthenticate in the RSReportServer.config file, so i could connect to a remote SMTP with username and password ?
I am using window 2003 system where smtp is not installed and i don't want to installed it.
If there is another way to change only in Rsreportserver.config file except pick up directory.
thanks in advance
Ashok kumar yadav
View 14 Replies
View Related
Jun 1, 2008
Just downloaded and installed the VS 2008 Express and created/tested some websites. I have done several aspx websites using VS 2005 during the last 2 years. Still I don't quite understand the details of coding the database connection and DataBing. For example, what does 'providerName',and Integrated Security really mean?Why in the Web.config file these are providerName="System.Data.SqlClient" and Integrated Security=True? Why in Default.aspxthere are both ntegrated Security=True;and USER ID=WEB; Password=webwebweb1". I know these may deal with the authentication mode of my SQL Serverdatabase.For the VS 2008 Express and SQL Server 2005 Express, I installed in my XP home PC, I used the file system websites, If I upgrade to XP Pro and install IIS web server, and use SQL Server 2005, what might be different? Jeffrey Web.config <connectionStrings> <add name="NorthwindConnectionString" connectionString="Data Source=D5MRY6G1SQLExpress;Initial Catalog=Northwind;Integrated Security=True" providerName="System.Data.SqlClient" /> </connectionStrings>Default.aspx <asp:SqlDataSource ID="SqlDataSource1" runat="server" ConnectionString="Data Source=D5MRY6G1SQLExpress;Initial Catalog=Northwind;Integrated Security=True; USER ID=WEB; Password=webwebweb1" ProviderName="<%$ ConnectionStrings:NorthwindConnectionString.ProviderName %>"MasterDetail.aspx <asp:SqlDataSource ID="SqlDataSource2" runat="server" ConnectionString="<%$ ConnectionStrings:NorthwindConnectionString %>"
View 1 Replies
View Related
Oct 20, 2015
I want to store multiple config files into single table I am unable to do it.
View 8 Replies
View Related
Jul 20, 2005
Hii heared that Oracle can convert from number to word thru query iremember thru (jsp format) .Is it possiable in sqlserverThanks
View 1 Replies
View Related
Jul 20, 2005
Hi,I've written a M.plan in my client place which is scheduled to occurweekly once.But 4 days gone from the last backup taken , there is aproblem in the server which does not start loading windows .The onlyway is entering via SAFE-MODE.In the safe mode the E.Manage does notconnected(is it due to safe-mode).They told they going to format the system . Since the E.M is notconnected, I just copied only my DB(.mdf) and the log file(.ldf).Afterthat i come accross that all the system databases should be backed upalong with the User DB then only possible for Restoration.My request isIs it not possiable to restore my copied DB(.MDF) (not backed up)After reinstallation of Sql server.With Heartfull thanksRaghu
View 2 Replies
View Related
Sep 21, 2006
Hello All,
I experienced a weird error while deploying my SSIS package. After running the manifest file, i noticed that one of the configuration file's path was not updated in the dtsx file. My solution has 8 packages and almost every package has 2 configuration files. Except 1 file every other config file's path is being updated. Has anybody experieced such a problem?
Thank you in advance for your help
Sumesh
View 1 Replies
View Related
Aug 7, 2007
Hello everybody,
I'm a SSiS newbie and I'm trying to reproduce my old DTS from sql server 2000 into this new SSiS.
I need to retrieve data through ODBC from a SAP db. I've got the right DNS and it works (Test connection succesful), but I'm unable to store password in connection manager.
I tryied to foigure out why and how to solve this problem, and I found somehthing on this forum talking about changing configuration files or something else... I'm a newbie, I don't know which files you're talking about..
Can you explain me in the simplest way possible how to store password in connection manager?
thanks in advance
View 1 Replies
View Related
Jul 6, 2007
We have an encrypted drive (that can be mounted and dismounted, a third party tool to encrypt drive path). I wanted to store the secondary file to that encrypted drive path. The secondary file stores confidential information. I separated the table from the primary to secondary file. Encryption per column is not advisable to do on that table so we decided to separate that table and put it on secondary filegroup. The physical file is stored in the mounted drive path.
I can read and write in that mounted drive path. I can also read and write if the drive is unmounted (which I believe read and write is really being done). When the drive is unmounted, the physical secondary file (.ndf) is not visible to any user logging in the server itself (this is actually the goal why we do this encrypted drive setup thing). It is kept virtually somewhere in the machine. To mount it back, a password is needed.
I'm a bit confuse, somebody can advise or give their insight on this setup. I believe that when the drive is dismounted, SQL Server stored the transactions in cache until it finds that the drive is mounted back. This means that all transactions are not comitted yet. When the drive is mounted back, I think SQL Server is smart enough to check/know that the drive is physically present and will flash all the pending transaction from the cache to the hard drive.
Is my assumption correct? Is there any thing that I need to know about transaction, committed and those data flashing thing on the hard drive?
Thanks in advance....
View 4 Replies
View Related
Mar 25, 2001
For every one
Visual basic permit use shell command to execute any file
shell "c:programs Filesword.exe
How could I make it in SQLServer 7.0
Sincerely.
Fain Boris.
View 2 Replies
View Related
Jan 15, 2008
Can I include an external file (html) in report's definition? Like a subreport, and expecting show the file content...
thanks
View 5 Replies
View Related
Dec 14, 2001
How can I read one external file (*.txt,*.csv) through
stored procedure in MS Sql Server 2000 ?
On the database Interbase its very simple :
[CREATE TABLE table [EXTERNAL [FILE] ’ <filespec>’]
( <col_def> [, <col_def> | <tconstraint> …]);
EXTERNAL [FILE]“<filespec>
” Declares that data for the table under creation resides
in a table or file outside the database;
<filespec> is the complete file specification of the
external file or table]
Please advice
Thanks
Patricio
View 1 Replies
View Related
Mar 12, 2008
how do i write a select query which will return all my data into an excel file or an xml file or txt file?
View 3 Replies
View Related
Nov 21, 2007
This is how I used to create DTS in SQL SERVER 2000 and then create a job for scheduling.
' Visual Basic ActiveX Script
'************************************************************************
Function Main()
url="http://www.pageName.com/abc.aspx"
set xmlhttp = CreateObject("MSXML2.XMLHTTP")
xmlhttp.open "post", url, false
xmlhttp.send ""
'msgbox xmlhttp.responseText
Main = DTSTaskExecResult_Success
End Function
Now how will I do the same in the SQl SERVER 2005.
Please help as it is very critical to my work.
Thanks in advance.Manpreet
View 1 Replies
View Related
May 24, 2007
Does anyone have an example of a web.config file that works with Dynamic Data controls? I asked because I can't seem to arrange my "config sections" in any working order. I use 1 connection string in the web.config to establish a conversation with the database. Thanks in Advance.
View 1 Replies
View Related
Feb 21, 2008
Hi the data connectionstring will be generated automatically in web.config file after dragging a data table from database into webpage.for example: <configuration> <add name="SQLProfileConnString" connectionString="Data Source=.SQLEXPRESS;AttachDbFilename=|DataDirectory|MSPetShop4Profile.mdf;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient"/> </> But what if I have to write the connectionString part myself, I mean where I can get the syntax of it? Thanks a lot
View 1 Replies
View Related
Mar 25, 2008
I have a simple SSIS package which includes one Analysis Services Processing Task. I have created a connection manager object (cmo) and assigned it to the AS task. Within the cmo I selected a specific user name and
password to log on to the server with. Tested this [domain][user account] and it works. Now here is the problem. When I run the package either in debug mode or from a command line, the packages ignores the connection manager and
attemps to use the account I am logged into the server with.
Using a config file to hold the credentials does not work either. When DTEXEC is used, the package attempts to use the credientials used to log in to the server.
Does anyone have any ideas why this is happening?
View 4 Replies
View Related
