Hello Everybody, I have developed a SSIS package to pull data from a remote SQL Server. I have specified Database related settings in a dtsconfig file. I was just wondering if we have any way of encrypting the config file so that only my package can read information out of it. Or is there any other better way where i can store my database configuration (uid, pwd) so that it is not viewed by anyone. please help me with this issude, thanks in advance... Regards, Sudhir Kesharwani

SSIS will not store passwords in configurations files. Look up the ProtectionLevel property. There are a few settings there that would interest you.

SSIS will not store passwords in configurations files. I don't believe this is accurate. I'm fairly new to SSIS, but I've created an SSIS package with an XML configuration file. Within the configuration file, I'm able to adjust the username and password for a connection manager. When I created the XML configuration file it didn't store the password used when creating the connection manager. However, it did keep and use the password that I entered directly into the file. The problem I'm trying to solve is that the configured value is not encrypted. I'm trying to find a way of encrypting the value.

If you are willing to look at 3rd party tool then try BIxPress- Secure Configuration Manager. It automatically encrypts and descrypts password from Config File or SQL Config Table. It supports 2 encryption mode 1) Basic Encryption (No server side component needed) 2) Advanced Encryption (Custom Serverside component Installation Required) Read more here http://pragmaticworks.com/help/bixpress/scr/ssis-secure-configuration-wizard.htm SSIS Video Tutorial - Secure Configuration Wizard SSIS-Tutorials-FAQs | Convert DTS to SSIS | Document SSIS | SSIS Tasks | Real-time SSIS Monitoring

Phil is correct - SSIS will never write passwords to a configuration file. However, you can alter the file to store them there. But a requirement to encrypt the password is usually a red herring - it's just not necessary when other best practices are used. Why? Best practices counsel you to only place one connection string per configuration file. You can store those files in a protected location, using NTFS/AD permissions to restrict access. If you really wanted, you can use NTFS to encrypt the whole file - but if you don't even have permissions to read it, encrypting it is kindof unnecessary, don't you think? Since your connection string is in a config file all by itself, there are no other "non-sensitive" values stored in the same file that you'd give an otherwise unauthorized user the rights to read or modify it. Therefore, it's not necessary to "protect" it by encrypting the value. Talk to me now on