August 25, 2009 at 10:28 am
Hi people!
I would like to know if it's possible to create a credential using windows authentication but without specify in clear text the user password.
The scenario is: I have SQL Logins but none of them have SysAdmin role..so it can't be use to run an SSIS package through SQL Server Agent..I want to use the windows login (by default it have SysAdmin role) to run the package but without typing the password.
This it's possible to do? Without create new account or giving SysAdmin to an SQL Login?
There is any other(better) method?
Thanks in advance!
Best Regards
August 25, 2009 at 10:34 am
Which Windows login? The SQL Server's? The SQL Agents? Someone else's?
[font="Times New Roman"]-- RBarryYoung[/font], [font="Times New Roman"] (302)375-0451[/font] blog: MovingSQL.com, Twitter: @RBarryYoung[font="Arial Black"]
Proactive Performance Solutions, Inc. [/font][font="Verdana"] "Performance is our middle name."[/font]
August 25, 2009 at 11:41 am
You can create the credential, but that requires SQL Server to store the password in an encrypted format. With respect to Profiler or traces, the command will be obscured by SQL Server, so that an admin or DBA can't see the password as the command gets submitted to SQL Server. However, it is possible if someone is sniffing the network connection for the server to see the password in plaintext. However, this tends to be very unlikely. So once you get it over to SQL Server it won't be in plaintext. And once you get it over, you can assign a particular login the ability to use that credential and execute jobs in its context.
K. Brian Kelley
@kbriankelley
August 25, 2009 at 12:42 pm
RBarryYoung (8/25/2009)
Which Windows login? The SQL Server's? The SQL Agents? Someone else's?
The one that's logged in at the moment!
Imagine that I have to create an Job including an SSIS on a client without changing my application user's login to sysadmin.
The only way it's using the windows account logged at the moment right?
Thanks
August 27, 2009 at 2:06 am
Let me try to clarify my question
I know that it's possible to create an credential without clear text script going under Security Folder. (Here the password is typed with *****)
But if I wanna automate the process because I have a lot of installations the better way is to create an script, right?
But, creating script means to insert the windows/SQL account password in clear text on the credential creation. :angry:
My doubt is if I'm logged in with an account with sysadmin role it's possible to create the credential without type the password?
The SQL can't know the Password of logged (Windows/SQL) user and save by itself?
By other words It's always necessary when creating an Credential insert the account password?
Thanks 🙂
Cláudio Silva
September 14, 2009 at 10:02 am
Another doubt is..all credentials must be an Windows Account??
Can be an SQL Login?
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply