May 23, 2011 at 9:34 am
Hi All, I have a rek where i need to encrypt SQL server authentications credentials in any XML file..
More details as below :
1.I have a SSIS package with single DB Connection manager which uses sql server authentications
2.I am using XML for package configuration.In this XML i will store Servername,DBname,Login and password details for the connection manager.
As i am storing login details as part of XML file anyone who opens the XML file will came to know about the production login details which is not fair.
FYI:
I am not supposed to hard code the password inside the package itself as if there is any change in the password we have to redeploy all the packages with updated password in the package and at the same time i can not go with SQL server configuration also..
I know there is way to encrypt credentials if we go for SQL server configuration....but i am not sure about XML configuration....
Any help will be really appreciated.....and let me know if i am not clear....
May 24, 2011 at 7:32 am
We store our XML config files in a specific folder that is locked down via AD to our admin group. That keeps the passwords out of the packages and restricts who can read/write to the config files.
Thanks,
MWise
May 24, 2011 at 7:55 am
Thats...my plan B..:-).
May 25, 2011 at 8:26 am
Although more complex you could add script component that takes encrypted versions in the files and sets the connection string to their unencrypted counterparts.
CEWII
May 25, 2011 at 9:07 am
What about changing the discussion? Is switching from SQL Authentication to Windows Authentication an option?
There are no special teachers of virtue, because virtue is taught by the whole community.
--Plato
May 25, 2011 at 9:25 am
My usual position is that Windows(trusted) authentication is the default expectation, I usually only allow other kinds if there is some REALLY valid reason for it to not work.. My goal is to be able to store connection information without even having to worry about whether you can see it because it contains no passwords.
CEWII
May 25, 2011 at 9:25 am
Yaa...if they use windows authontication...I dont have to go through this pain.....
Anyway thinks for the Idea ,I will try to find out reasons behind using sql authentications. instead of windows authentications.....
Based on that will try look for some alternative for SQL authentications...
May 25, 2011 at 9:59 am
For me, SQL-to-SQL connections are ALMOST NEVER by SQL authentication, I don't want to store login information if there is not a really good reason to.
For some things like DB2, Oracle, etc. that don't understand trusted connections, we have to bend, but SQL-to-SQL, there are some pretty high hurdles.
CEWII
May 25, 2011 at 12:13 pm
Thanks for the responses ,i really appreciate your help...
May 25, 2011 at 1:58 pm
You are very welcome.
CEWII
Viewing 10 posts - 1 through 9 (of 9 total)
You must be logged in to reply to this topic. Login to reply