• State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 94 subscribers
  • Views 4165 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Get AD Sync Project Password Variable

dan
over 6 years ago

Using V7.1.1. I have a side process that I have to run that queries active directory for some data. There is also a sync project to the same domain and I want to reuse the connection from that. I've got the process running and it works fine, the only problem is that I'm having to clear text the password in as a parameter. I'm using the ScriptExec component and passing in the required connection variables with parameters. I get these parameters by querying the DPRSystemVariable table. The password, however, is encrypted. Reading the documentation it seemed I should be able to tick the encrypted box for the parameter and it would decrypt it automatically but I'm unable to authenticate when I do this. Is there anyway I can decrypt the password to use in my process?

  • +1 over 6 years ago
    You described the correct way to use an encrypted value. The question remains why you are unable to connect using the encrypted parameters.

    Did you try to add some logging to your script to check if the password received by the script is the one you expect?

    Does the JobService have access to the private key used to encrypt your database?
  • 0 over 6 years ago
    Yes I believe the JobService has access to the private key. I did some logging in the script to output the password being passed into it. First I did it with plaintext and the password came through as expected to my text file. Next I loaded the the encrypted password from DPRSystemVariable into Values("Password") in the pre-script for generating, then I set the parameter on the script component to be Value = Values("Password") and ticked the encrypted check box. The value of the password that gets output to a text file is the encrypted value as show in the DPRSystemVariable table and is like [E]DAB67zhv1KAvUSXFKF9...[E]. Ticking the encrypted button doesn't seem to decrypt it.
  • 0 over 6 years ago
    How would I check if the Job Service has access to the private key?
  • +1 over 6 years ago
    In the end, I created a custom configuration parameter and put the password to AD in there and set it to encrypted. Then passed it to my script in process orchestration and ticked the encrypted tick box. This successfully decrypted the password and allowed me to authenticate. I'm not sure why it decrypted a configuration parameter but wouldn't decrypt a value I was getting from the database but this work around is satisfactory.