1

I am using impersonation for connecting SQL Server with domain user but we have to provide the password too. Is there any way we can connect to SQL Server without a password. My connection string is - 

<connectionStrings>
  <add name="connectionString" connectionString="Data Source=myServerAddress;Initial Catalog=myDataBase;Trusted_Connection=Yes" providerName="System.Data.SqlClient"/>
</connectionStrings>

<system.web>
<identity impersonate="true" userName="Domain\userName" password="password"/>
</system.web>

I am asking this question because security team does not want to keep passwords in web.config file (not in encrypted format). They have another tool which keeps the password for all the AD Accounts and from there we have to retrieve the password before connecting to SQL Server. How is it possible in ASP.net?

IDE - Visual Studio 2012 (Framework 4.0)

Thanks!

Improve this question
7
  • You have a system that stores the passwords? Then why not grab the connection string template from the config file, grab the passwords from that system, insert them into the connection string, and off you go! Of course...why is your system storing passwords encrypted? Passwords should be one-way hashed. That shouldn't be reversible. Commented Jun 4, 2018 at 18:46
  • Possible duplicate of Connection String Using a Domain User? Commented Jun 4, 2018 at 18:47
  • Yes, that tool name is TPAM. I think that's not possible in domain user scenario because how would asp.net application create the access token when we retrieve the password from that system and insert into connection string dynamically? Commented Jun 4, 2018 at 19:12
  • @ Hackerman - No its not duplicate, I have gone thru that post last week. Commented Jun 4, 2018 at 19:14
  • 1
    @ WorkSmarter - For that also, we have to provide the password and how will application pool know the new password from TPAM dynamically? Commented Jun 4, 2018 at 20:57

1 Answer 1

Reset to default
-1

before even connecting you can basically add a button and when that event occur input a password use the password in the connection String field directly and you are good to go .

This might not be as it is as i just said depend upload the framework you are using but its a concept that can be very usefull if you can retype the password again and again .

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.