September 22, 2008 at 4:41 pm
Hi,
I have my legacy DTS packages converted to SSIS in DEV environment. I have XML configuration files for all these packages and have SQL server authentication, since these are called by application.
I have some security questions:
1. When I deploy package I can see these passwords .... What is best solution here if exists one.
My solution is : Make this package password protected only in production environment ( password for test environment is same afor all logins). Cons: Only DBA can deploy these packages to production.
Any other thoughts?
2. IF I open XML configuration files, I can see passwords and anyone can modify. I don't know hwether we can encrypt configuration files ?
My solution is : Make this directory password protected on production.
Does everyone suggest storing configuration files in SQL server is better in this situation ? The only cons here is, need to update sql server table for any changes/new configuration files right ?
Thank you for any suggestions..
VG
September 22, 2008 at 8:02 pm
Normally you would not use configuration files to store passwords.
Normally passwords should be embedded within the package and protected through SSIS's encryption mechanism.
You use the DTUTIL.exe with the /ENC and /DEC options.
I think you may be describing a situation where developers develop against a development datbase server that has a different password to the production database server. I have never had that particular problem but if that is the case I believe you may need to put the production password in a configuration file. Its probably best to just rely on normal windows file system security to restrict access to that sensitive config file.
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply