August 12, 2010

Hiding/Masking Credentials (User name and Password) in Batch Files

Filed under: Scripting,SQL Server — Prabhuram @ 9:22 am

I had a few ISQL and BCP jobs that are scheduled to run from SQL Servers. Hmm, yes, there is a problem here when you have to use the login credentials like this:

"C:\Program Files\Microsoft SQL Server\90\Tools\Binn\osql\osql.exe" ^
    -U%username% -P%password% -S%server%

I was thinking of a way to encrypt the user name and password. The fact is that there is no easy way to do this. But there is a workaround.

The solution is:

  • Create a configuration file in a remote folder to which only a particular user account has access. Since the job will eventually be executed as a scheduled job, the user account that runs the original batch task should have access to this remote folder, and not all users.
  • List the user credentials that need to be kept secure. For example, create an INI file Credentials.INI (53.00 bytes) with the required settings:
    • server=mySQLServer
    • username=sa
    • password=P@@ssw0rd
  • Read the parameters from your batch file ReadINI.bat (163.00 bytes) or any file that wishes to use the credentials. Note that the Credentials.INI can refer to a
    • for /f "tokens=1,2 delims==" %%a in (Credentials.INI) do (
      set %%a=%%b
      )

Now you can simply access the parameters in your INI as %username%, %server%, etc.
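
A fuller version of the reader script, as an added example that is not the original ReadINI.bat: it accepts only the three expected keys, keeps any "=" inside the password, and passes the password to osql through the OSQLPASSWORD environment variable instead of -P. The UNC path in CRED_FILE and the test query are placeholders chosen for illustration.

```batch
@echo off
rem Added example, not the original ReadINI.bat.
rem setlocal keeps every variable below out of the calling session.
setlocal DisableDelayedExpansion

rem Placeholder path: point this at the restricted remote folder.
set "CRED_FILE=\\fileserver\restricted\Credentials.INI"

if not exist "%CRED_FILE%" (
    echo Credentials file not found or not readable by this account >&2
    exit /b 1
)

rem Clear the names first. %username% is normally the Windows logon name,
rem so without this a missing key would silently fall back to it.
set "server="
set "username="
set "password="

rem tokens=1,* keeps everything after the first "=" in the value, so a
rem password containing "=" is not truncated. Lines starting with ";" are
rem skipped, and keys other than the three expected ones are ignored.
for /f "usebackq eol=; tokens=1,* delims==" %%a in ("%CRED_FILE%") do (
    if /i "%%a"=="server"   set "server=%%b"
    if /i "%%a"=="username" set "username=%%b"
    if /i "%%a"=="password" set "password=%%b"
)

if not defined server   goto :missing
if not defined username goto :missing
if not defined password goto :missing

rem osql reads OSQLPASSWORD when -P is omitted, so the password does not
rem appear in the process command line.
set "OSQLPASSWORD=%password%"
set "password="

"C:\Program Files\Microsoft SQL Server\90\Tools\Binn\osql\osql.exe" ^
    -U%username% -S%server% -Q "SELECT @@VERSION"
set "RC=%ERRORLEVEL%"

rem Leaving the setlocal scope discards OSQLPASSWORD and the other values.
endlocal & exit /b %RC%

:missing
echo Credentials file is missing server, username or password >&2
exit /b 1
```

The password is still stored in plain text in Credentials.INI, so the folder permissions described above remain the only thing protecting it at rest.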

