Login information being exported to RDD file
Exporting a Data Source with 12.4.7.0 or 12.4.8.0 exports some things that look like they shouldn't be in there.
We have a SQL Server Data Source with Integrated Security. Previously, exporting the source gave this (cleaned):<?xml version="1.0"?><DataSourceExporter> <DataSources> <SQLServerConnectionDataSource> <AllowDataSourceVariables>false</AllowDataSourceVariables> <AllowOfflineMode>true</AllowOfflineMode> <ID>CLEANED</ID> <IsDefault>true</IsDefault> <IsReadOnly>false</IsReadOnly> <Name>RDM</Name> <PersonalDataSourceID>CLEANED</PersonalDataSourceID> <PromptForOfflineMode>false</PromptForOfflineMode> <SafePrivateVaultMasterKeyPassword /> <TwoFactorInfo /> <AllowBetaDatabaseUpgrade>false</AllowBetaDatabaseUpgrade> <UseDBLogin>false</UseDBLogin> <CommandTimeout>60</CommandTimeout> <Database>CLEANED</Database> <IntegratedSecurity>true</IntegratedSecurity> <LoginMode>IntegratedSecurity</LoginMode> <SafePassword /> <Server>CLEANED</Server> <SqlAzure>false</SqlAzure> <Timeout>30</Timeout> <User /> <UserNameEditable>false</UserNameEditable> </SQLServerConnectionDataSource> </DataSources></DataSourceExporter>
I notice the PeronalDataSourceID changes and I'm not sure what this maps to.
The import bit though is that the new one is exporting some peronsal information for the same thing (marked):<?xml version="1.0"?><DataSourceExporter> <DataSources> <SQLServerConnectionDataSource> <AllowDataSourceVariables>false</AllowDataSourceVariables> <AllowOfflineMode>true</AllowOfflineMode> <ID>CLEANED</ID> <IsDefault>true</IsDefault> <IsReadOnly>false</IsReadOnly> <Name>CLEANED</Name> <PersonalDataSourceID>CLEANED</PersonalDataSourceID> <PromptForOfflineMode>false</PromptForOfflineMode> <SafePrivateVaultMasterKeyPassword /> <TwoFactorInfo /> <AllowBetaDatabaseUpgrade>false</AllowBetaDatabaseUpgrade> <DBLoginUserName>PERSONAL</DBLoginUserName> <SafeDBLoginPassword>PERSONAL</SafeDBLoginPassword> <UseDBLogin>false</UseDBLogin> <CommandTimeout>60</CommandTimeout> <Database>CLEANED</Database> <IntegratedSecurity>true</IntegratedSecurity> <LoginMode>IntegratedSecurity</LoginMode> <SafePassword>PERSONAL?</SafePassword> <Server>CLEANED</Server> <SqlAzure>false</SqlAzure> <Timeout>30</Timeout> <User>PERSONAL</User> <UserNameEditable>true</UserNameEditable> </SQLServerConnectionDataSource> </DataSources></DataSourceExporter>
I assume most, if not all of, the information marked PERSONAL should not be in here with Integrated Security. I exported to distribute a new source to all our users for a server move. Everything else about the configuration is identical.
All Comments (4)
Hello,
I have been able to reproduce your issue partially.
If you create a new data source and export it in a .rdd, the results will be like the first export that you have pasted in your post.
If you duplicate an existing data source and then create a .rdd from that duplicate, you will see something in the User field ex:
</User>admin</User>
However, in all my tests, the SafePassword field is always encrypted.
Does the .rdd was created from a duplicate of your primary data source?
Best regards,
Jeff Dagenais
Hi Jeff,
This was indeed a duplicated entry. I have created a clean one and it is like the first one, as you said, without the personal info.
Hello,
A ticket has been opened to our engineering department regarding this.
Thank you for your post.
Best regards,
Jeff Dagenais
Done, the fix will be in the next beta release.
Best regards,
Stéfane Lavergne