Question About Encrypt Sensitive With User Key
Jan 17, 2008
Hi,
If you use "encrypt sensitive with user key" with windows user "Fred" and the "Fred" windows user is subsequently deleted from the server, can you then change the encryption level by using another person's login? Or is the package forever gone?
Thanks
View 3 Replies
ADVERTISEMENT
May 28, 2008
Hi There
We had a simple setup.
All packages were encrypted with a user key, since everyone logged in and developed with the same user.
DOMAIN�i.user. Who was a local admin on the servers. The Sql Agent also ran under this account. So everything worked 100%.
We have had a security overhaul, each user now has hisher own login. So when DOMAIN�i.UserA now saves a package it fails when the Sql Agent runs it. Obviously becuase the agent does not run under DOMAIN�i.UserA , this is fine we created proxies etc.
BUT i only recently noticed that they also changed all the Sql services including the agent to run under a new account. DOMAINserviceAdmin. But all our jobs and packges ran fine after this.
I dont get it ? All the existing packges were encrypted with the DOMAIN�i.user login , which the agent ran under, so why when the agent account was changed do all these packages not fail with the usual failed to decrypt error ?
Basically i dont understand how packages encrypted under one user can now be executed by the Sql gent running under a different account ??
Thanx
View 7 Replies
View Related
Jan 7, 2007
Hi there ,1. i have a database and i want to encrypt my passwords before storing my records in a database plus i will later on would require to authenticate my user so again i have to encrypt the string provided by him to compare it with my encrypted password in database below is my code , i dont know how to do it , plz help 2. one thing more i am storing IP addresses of my users as a "varchar" is there a better method to do it , if yes plz help me try { SqlConnection myConnection = new SqlConnection(); myConnection.ConnectionString = ConfigurationManager.ConnectionStrings["projectConnectionString"].ConnectionString; SqlDataAdapter myAdapter = new SqlDataAdapter("SELECT *From User_Info", myConnection); SqlCommandBuilder builder = new SqlCommandBuilder(myAdapter); DataSet myDataset = new DataSet(); myAdapter.Fill(myDataset, "User_Info"); //Adding New Row in User_Info Table DataRow myRow = myDataset.Tables["User_Info"].NewRow(); myRow["user_name"] = this.user_name.Text; myRow["password"] = this.password.Text; // shoule be encrypted //not known till now how to do it myRow["name"] = this.name.Text; myRow["ip_address"] = this.ip_address.Text; myDataset.Tables["User_Info"].Rows.Add(myRow); myAdapter.Update(myDataset, "User_Info"); myConnection.Close(); myConnection.Dispose(); } catch (Exception ex) { this.error.Text = "Error ocurred in Creating User : " + ex.Message; }
View 3 Replies
View Related
Apr 1, 2008
I have a package protected by a password - I am already unhappy that to get it to use the configuration file to change connection strings for the production servers I have had to hardcode the password into the config file - very insecure!
However, the package now deploys correctly to the production server and will run from there OK, but NOT if scheduled as a SQL Server Agent Job. Thus is because however often I edit the command line to include the password after the DECRYPT switch (which it has prompted me for when I click on the command line tab), the Job Step will not retain it.
If I open it up after I have edited it and closed it, the password has disappeared.
I know that if I run dtexec plus the code in the Command Line tab (with the password), the package runs OK.
This is driving me insane!
I have read all the other posts and so I tried replacing the SSIS package step with a CmdExec step and pasting that code into there - then I get an OLEDB error..
The code I use is:
DTEXEC /SQL "ImportRateMonitoringTables" /SERVER servername /DECRYPT password /CONFIGFILE "D:Microsoft SQL ServerSSISDeploymentsRateMonitoringImportTasksDeploymentImportRateMonitoringTables_Production.dtsConfig" /MAXCONCURRENT " -1 " /CHECKPOINTING OFF /REPORTING E
and I get
SSIS Error Code DTS_E_OLEDBERROR. An OLE DB error has occurred. Error code: 0x8000FFFF
although the same code executes perfectly from a command prompt.
Please does anyone have any experience with a similar problem and if so, how did you get round it?
Thank you
View 9 Replies
View Related
Aug 24, 2006
Hi,
I'm wondering, why CLR user-defined-types are case-sensitive in T-SQL?
When I create an udt with vb.net, e.g. udtPoint with properties X and Y and a method ToString(), I have to write udtPoint.X ..., udtPoint.x would raise an error. udtPoint.tostring() isn't working, too.
I like vb, because you don't have to remember whether syntax is upper or lower case. Same is with T-SQL, there's no difference between select * from table and Select * FROM Table. Intellisense would by great, but is not yet implemented .
I'd like to put this topic under suggestions (in my opinon it's a bug), what do you think about it?
Many thanks for your answers!
View 1 Replies
View Related
Dec 14, 2006
This problem is a bit weird but I'm just wondering if anybody else experienced this.
I have a package that has file system tasks (copying dtsx files actually). Basically the package copies other packages to a pre-defined destination. Thing is, it only works if one of the packages it is configured to copy has some sort of sensitive data (e.g., a connectionstring with a password), otherwise it reports a success message on execution but doesn't actually do anything. I've checked the forcedexecutionresult and it is set to None for that matter.
Just wondering if anybody else experienced this problem and of course if there's a way to solve it.
Thanks.
View 2 Replies
View Related
Dec 7, 2006
This is my first time to deploy an asp.net2 web site. Everything is working fine on my local computer but when i published the web site on a remote computer i get the error "Failed to generate a user instance of SQL Server due to failure in retrieving the user's local application data path. Please make sure the user has a local user profile on the computer. The connection will be closed" (only in pages that try to access the database)
Help pleaseee
View 3 Replies
View Related
Feb 16, 2003
Hi all
I have got an application developed on SQL7 which I have migrated to SQL2K.
It handles authentication internally and therefore stores usernames & passwords in a local table. The passwords are stored encrypted utilizing a function called "encrypt" taking the password in clear-text and returning a varbinary. When a user logs on his password input is encrypted the same way and compared to the stored password. So far so good...
Problem: On SQL2K the encrypt function returns a different result as it does on SQL7., which reults in authentication failures.
Unfortunately I cannot find any documentation about the encrypt function e.g. in BOL. Furthermore I cannot ask the developer who introduced the function anymore.
View 4 Replies
View Related
Jul 22, 2002
Hi Guys.
I am looking for TSQL code for RC4 encryption and decryption.
I found VBcode for RC4 encryption, it will take atleast 2 days for me to go thru that and rewrite the whole code in SQL.
If anyone has the code, please provide me.
(I know sql does accept extended ASCII characters)
Thanks
-MAK
View 1 Replies
View Related
Apr 16, 2008
Hello,
I do have one application in VC++ as a Front End & Sql Server 2005 as a Back End.
i want to store my username's password in encrypted format, means no one can able to see the password.
Ex:- if i enter password as a "xyz" then it should be save as a some encrypted [base 64 encoding scheme] format.
Can any one help me out?
Thanks
Prashant Hirani
View 5 Replies
View Related
Jan 8, 2007
Hi All,
In SQL 2000, i need to Export Data,so that datashould be encrypted.When i try to import that in any database it should authenticate the user and should get decrypted.IZAT Possible.
Can any one help?
Thanks,
Karthik
View 1 Replies
View Related
Nov 3, 2006
Is there a way to encrypt one column of data in a table in SQL Server 2000? Thanks!
-Dave
View 1 Replies
View Related
Jan 8, 2007
Hi,
In SQL2000 i need to Encryptdata when I export data using DTS.LikeWise I should when i import data I should authenticate that user and decrypt that.
Can any one help?
Thanks,
Karthik
View 1 Replies
View Related
Jan 8, 2008
Hi folks,
I'm trying to encrypt a small token of data on my client c# application and have it decrypted by SQL on the server side, the problem is i cannot find articles on the subject. I don;t really want to get involved with certificates but base the system on a simple symmetric key that is shared by both parties.
I'm attempting to use the TRIPLE_DES algorithm on both sides and thus far have used the decryptbypassphrase on the server side with the data encrypted on the client side by .Net with no initialization vector setup.
If anyone can recommend any articles or have example (client and server side) code for this situation it would be greatly appreciated.
Many thanks in advance
Simon
View 10 Replies
View Related
Feb 29, 2008
Does anyone know what my .net app guys need to share with me if encryption was done in the .net app but decryption needs to occur in certain sql queries? I read about master keys, certificates, symmeteric keys, algorithms etc but dont know how that stuff would carry over from the framework into sql. All I know is that the algorithm is AES_256, they must be adding authentication to the encryption and i know the hash algorithm, and symmetric keys are involved. Will they be sharing certain kinds of files with me that need to be registered in the db? Will I have to use CLR if I want the two worlds to come together?
View 4 Replies
View Related
Apr 10, 2007
Hi,
I found that I could encrypt StoredProcedures in Sql Server Express but have no idea about encrypting views. Any idea?
View 11 Replies
View Related
Sep 29, 2006
Hi,
I would like to encrypt and decrypt password in my own tables
select stuff
from mytable
where password = decrypt('ackdo$$y')
How can I do this? Is there any decrypt or crypt function?
thanks,
View 3 Replies
View Related
Mar 21, 2004
Dear everyone,
I am doing Login webform (C# .NET web application) with SQL Server 2000.
The staff table is to store authenticated user info.
But when I test it, I found that the password can be case insensitive, i.e. 'A0001' should be correct password, but 'a0001' can allow login.
Could anyone tell me how to solve this problem??
Thanks you very much!!
private void btnLogin_Click(object sender, System.EventArgs e)
{
//instantiate SQL connection
SqlConnection sqlConnect = new SqlConnection(connectStg);
SqlCommand selectLogin = sqlConnect.CreateCommand();
selectLogin.CommandText = "SELECT sid, type from STAFF Where sid= '" + txtId.Text + "' and pwd= '" + txtPwd.Text + "' ";
//open connectin for execution
sqlConnect.Open();
//instantiate the SqlDataReader reader
SqlDataReader loginReader = selectLogin.ExecuteReader();
//try and catch SqlException error
try
{
if(loginReader.Read())
{
// check whether the user is the role of administrator or operator
// I use GetValue(1) i.e. type field from the above select statement // if "O' then go operator page, else go to administrator page.
if (loginReader.GetValue(1).ToString().ToUpper().Equals("O"))
{
Server.Transfer("//SMS/LoginUser/SuccessLoginOper.aspx");
}
else if (loginReader.GetValue(1).ToString().ToUpper().Equals("A"))
{
Server.Transfer("//SMS/LoginUser/SuccessLoginAdmin.aspx");
}
}
else
{
//clear content of textbox and display error message
txtId.Text="";
txtPwd.Text="";
lblLoginFail.Visible = true;
lblLoginFail.Text="Login Failed!<br>" + "Ensure that ID and Password are correct!";
}
}
catch (SqlException se)
{
if (se.Number == 17)
{
lblLoginFail.Visible = true;
lblLoginFail.Text = "Could not connect to the database";
}
else
{
lblLoginFail.Visible = true;
lblLoginFail.Text = se.Message;
}
}
//close SqlDataReader and SqlConnection
loginReader.Close();
sqlConnect.Close();
View 5 Replies
View Related
Jul 6, 2005
Hi
how can i use the sensive case in a select field from table where fild='GhhY' ?
View 2 Replies
View Related
Aug 15, 2002
are SQL Server 7 table names, column names case sensitive?
View 2 Replies
View Related
Feb 13, 2001
In SQL Server 7.0, how do you SELECT a column which has values beginning with only lower case letters
can anyone advise?
View 1 Replies
View Related
Feb 15, 2001
Hi,
I want to change my database character set and I use database SQL Server 6.5.
At the first time I install database, I use charset type to case sensitive.
Now, I want to change this charset from case sensitive to un case sensitive.
I hope somebody want to trasnfer knowledge about it.
Thanks for attention.
Regards,
Susan
View 1 Replies
View Related
Sep 1, 2006
Do you know of an code example that would find what databases and what tables have sensitive data such as ssn, name of individual, etc.
View 1 Replies
View Related
Apr 24, 2007
Hi,
I am using SQL Server 2000.
How to make case sensitive of a database.
Eg :
Should work
Select * from Employees
Select * from Employees where Title like 'S%'
Should not work
select * from employees
select * from employees where title like 's%'
Thanks in advance.
View 7 Replies
View Related
Nov 3, 2006
Hi all,
How can we protect sensitive data (custom properties) in a custom connection manager or a custom data flow component?
The SSIS Books Online indicates in the "Security Considerations for Integration Services" page that "If you write custom tasks, connection managers, or data flow components, you can specify which properties should be treated as sensitive by Integration Services". But how to do it programmatically? Are there any attributes that can be applied on custom properties?
Thanks.
Pascal
View 6 Replies
View Related
Jun 23, 2007
Hi,I have a .net application and i added a code that encrypts data saved in database. However, there is already data in the fields that was entered before this change.I know need to check if the values in those fields are encrypted and if not i need to encrypt them.How can I perform such a check and update the relevant data?I use TrippleDES in .net to encrypt/decrypt the data.Thanks
View 1 Replies
View Related
Feb 17, 2008
Hi,
I would like to know that how can I encrypt a stored procedure, so that it can not be decrypt by me or not by any one ? I have tried using the SQL encrypt,but there is a decrypt command which decrypt the same. I do not want any one to decrypt without a password or encrypt the stored procedure so that it can never be decrypted.
Thanking you,
Regards..Jay
View 2 Replies
View Related
Apr 12, 2001
Hi,
Please help!!!!!!!
Is there are ways to encrypt data in the table (SQL Server 7) and then retrieve (decrypt) this information?
Thanks
View 1 Replies
View Related
Sep 18, 2001
I'm running SQL 70 SP 3 on Nt4.
We store passwords of users of our website. They need to be autenticated and based on that it gives them access to what they are entitled. But its not like NT or server authentication.
This has been setup so that we have a user table and it stores the password. However, it stores it in plain text. Is there any way I can encrypt this field so it is unreadable? Is there a property or a datatype that I can't find? Is there a way to simulate the encryption?
Any ideas or help are appreciated.
Thanks
Kelsey
View 1 Replies
View Related
Mar 1, 1999
I am setting up several isql job in Enterprise Manager and as a cmdexec job I need to pass the user id and password( -P). I shtere any way not to pass this as text and perhaps hide/encrypt it since any one who opens the task scheduler and looks at the job can read the password?
Thanks.
DAvid Spaisman
View 3 Replies
View Related
Sep 24, 2004
Does SQL Server 2000 provide any data encryption/decryption functionality so that certain fields (e.g. SSN, Age and Salary) will be encrypted before writing into the table and decrypted once loading out of the table?
J827
View 1 Replies
View Related
Nov 16, 2004
We like to secure datas.
Only a few people are autorized to read this information, but today, these informations are readable with a simple query with a query analyzer for exemple.
I'd like to encrypt datas with reversible function in one field of a table
Is there a function able to do this kind of work in SQLServer V7 or 2000 ?
View 1 Replies
View Related
May 30, 2006
hello guys! i have a question hope you'll help me..how can i encrypt the data that is stored in my password field everytime i insert value to it and decrypt it if i want to retrieve it? thanks in advance!!
View 7 Replies
View Related
