I've been trying to learn how to use HSQLDB but it seems like any changes I make are acknowledged and then either ignored or done incorrectly. For instance, I created a new user (internal_admin) as SA but after attempting to log in as this user I get the following error:
not found: internal_admin
Command used to make user: create user internal_admin password somepassword ADMIN;
To add to my issues, I changed the password of SA to a randomized password that I copied from a .txt file (to ensure the password was entered correctly) but after trying to log in with the exact same password on SA I get an invalid authorization specification. Checking the logs, all commands I sent went through successfully and were logged, but the changes are not being reflected. Is HSQLDB just absolutely, unforgivably awful or am I doing something wrong? I've tried restarting the db but it makes no difference.
Command used to change password: Alter User SA set password somepassword;
I should add that I'm doing this testing on my local computer, not on a remote or dedicated server.
HSQLDB enforces case sensitivity for user names and passwords. You need to use relevant quote characters for user name and password to make them in the exact case you entered..
create user "internal_admin" password 'somepassword' ADMIN;
Related
I am running Enea OSE 4.6.1 on a system that I have and every so often (sometimes a few days, usually several weeks), I am asked to change my password by the system.
I am wondering if there is a way to check the expiration date of my password, or modify said date. I do not enjoy having work to do and being surprised with the expired password. The end goal is to write a script to check the password expiration so I am aware beforehand.
I searched through some of the OSE Documentation I have on hand and did not see much about passwords (I do not have every PDF). I also checked through some of the source code and the validation process but see no mention of expiration, dates, or change. Finally, I was able to secure a list of all pre-configured command line commands and none of them mention (expiration) date for passwords. There is a command to change password but it mentions nothing of time or date.
I believe there is a way to create my own custom command line command I found in one of the OSE manuals, but in order to do that I will need to know where password expiration is stored.
Any information would be greatly appreciated as I know OSE is not too widespread. Thank you in advance.
My computer recently crashed and I am getting things re-installed.
I would like to import the list of registered servers I had on my previous PC. I have both the RegSrvr.xml file from G:\Users\<user>\AppData\Roaming\Microsoft\Microsoft SQL Server\140\Tools\Shell
as well as backups (with username/passwords) of *.regsrvr files which I can move from my laptop.
I see that moving over the RegSrvr.xml file to the same location in the new PC does nothing at all.
And when I try to import the *.regsrvr files - I get an error 'Key not valid for use in specified state. (System.Security)' and only about half the list actually import.
Is there a way around this?
I had this issue after importing my SSMS Server registration file WITH PASSWORDS from a different computer. To fix this, I re-exported the Server registration "without passwords" from my other computer and re-imported that file without passwords. This worked however, you can edit the registrations as you go.
The issue is that the passwords are stored in an encrypted string in the file, and the encryption key used is specific to that machine where SSMS is installed. So when you export them then import on a new machine, you get that error because it can't decrypt/use the passwords.
Most people just re-export from the old machine without passwords, then after importing into the new SSMS on the new machine, they manually go fix all the passwords.
What I wanted to add was that since it's "just a text file", you can save a LOT of work by manually editing C:\Users\{user}\AppData\Roaming\Microsoft\SQL Server Management Studio\RegSrvr.xml.
What I did was import the file and ignore all of those errors
===================================
Key not valid for use in specified state. (System.Security)
------------------------------ Program Location:
at System.Security.Cryptography.ProtectedData.Unprotect(Byte[]
encryptedData, Byte[] optionalEntropy, DataProtectionScope scope)
at
Microsoft.SqlServer.Management.RegisteredServers.RegisteredServer.ProtectData(String
input, Boolean encrypt) at
Microsoft.SqlServer.Management.RegisteredServers.RegisteredServer.get_SecureConnectionString()
at
Microsoft.SqlServer.Management.RegisteredServers.RegisteredServer.get_ConnectionString()
at
Microsoft.SqlServer.Management.RegisteredServers.RegisteredServer.get_ServerName()
at
Microsoft.SqlServer.Management.RegisteredServers.RegisteredServerTree.AddRegisteredServerNode(RegisteredServer
regSrv, TreeNodeCollection nodes)
Then I went through this process:
In SSMS, fix a "server".
Over in the file, copy/paste that "good" encrypted password string over to all of the other "servers" that had a connection using the same password.
Restart SSMS.
Repeat as needed.
I like Granger's answer above because it's cumbersome for me to re-export from the other computer.
But instead of swapping password like Granger did above, I just deleted them (and you can re-input password from SSMS if needed). To remove password easily, use Notepad++ and search for password=[^;]*;
Use Regular Expression search.
Replace with blank.
I had a hard time migrating between two computers & was getting this error. Even after re-importing and deleting the xml file, I still got it. I ended up running the Import and Export Settings wizard & selecting "Reset all settings" which did work.
I have a state which creates a user on a minion.
This works fine.
The user gets created on the first run, the next N days (or years) it won't be created again.
I want to do some action on a different host after the user was created. For performance reasons I only want to execute this action once, on the first run when the user gets created.
Up to now I search some sort of trigger which gets fired if a state changes. Other solutions are welcome.
Use case
After creating the user on the minion I need to insert the minions ssh host-key to a .ssh/known_hosts file to make password less logins work.
To tackle the use case and not the question I suggest the following:
use Salt Mine to collect the public keys of your minions
put the ssh host-keys of the minions into /etc/ssh/ssh_known_hosts
You can use the openssh formula as a starting point. It contains the scripts for Salt Mine and also how to create a ssh_known_hosts file. It adds a lot of magic with dig to discover host names and IP adresses that might be oversized for your environment.
Once it is all set up it should work as follows:
add a user: host's ssh_known_hosts file will used, nothing else needs to be done
add a minion: update the mine, run the provisioning to on all minions to update the host's ssh_known_hosts file.
Just found that SQLPLUS would parse the first line of a sql script as connect string if I do not include the credentials when invoke sqlplus in the terminal, details are listed below:
I have a sql script named runme.sql:
scott/tiger#//localhost:1522/orcl
select * from dual;
exit;
If I invoke sqlplus as sqlplus #runme.sql , sqlplus could parse the first line and connect to database and run the sql. Can anyone point me to the documentation for this if there is any ? Also what are the advantages for supporting this syntax ?
The documentation is usually a good place to start. Note the warning if you supply the username/password on the command line; providing at least the password when prompted is more secure, and particularly in Unix-type environments means the credentials don't appear in the output of a ps command.
Putting either the password or both the username and password in a script automates that, but of course you have to then ensure that the script can't be viewed by anyone who shouldn't know the credentials.
As LalitKumarB notes in a comment, hardcoding the password anywhere is a security risk. If you're running scripts interactively then allow the slight inconveince of being prompted each time. (Which isn't really inconvenient when compared to the damage that could be done from the credentials being misused, and subsequent inconvenience of recovering, and/or finding a new job). If the script isn't being run interactively then use the scheduler rather than, say, cron. You can also use Oracle Wallets for greater security without so much inconvenience.
Specifically for your query about it parsing the first line, the documentation says:
If you do not specify logon but do specify start, SQL*Plus assumes that the first line of the script contains a valid logon.
In this context 'start' is the same as using # on the command line to supply the script name.
I'm using Devise for authentication, and I need a way to quickly change every user's password to be the same password so that I can test locally using production data. Because there are a bazillion callbacks in this legacy codebase, and innumerable surprises lurking, and because it takes a really long time for the Rails environment to load, I would like to be able to do this in one SQL query.
So, I created a user, set the user's password to "Passw0rd" in the UI, then grabbed that encrypted_password field and copied it to all the other users, but Devise busted me for having an invalid hash. I assume this means that the encrypted password is salted somehow using other pieces of the user entry, which is pretty smart, but it makes it hard to imagine how I'll accomplish this in SQL.
Does anyone know how the encrypted_password field is structured so that I could roll my own in the database?