Hi Guys,
I will have a constractor for 3 months developing ssis packages for me.
Obviously, his Windows account will be deleted when he leaves.
My question his. under which securoty context should he develop packages so they will still work and still be accessible after his departure. Assuming we do not want to use any password to either have his packages running or have his packages accessible by other developers from the development environment.
Most of all we do not want ANY job failure due to "encryption issues" after his departure
Thanks
Philippe
In a shared enviornment, I like to use package passwords myself. I use a password in development and when we had them off to a client or to production support, they assign a new password to the package. dtutil.exe can do this quickly for you if you generate a batch file.
This may help you to with that type of strategy if you're interested:
http://whiteknighttechnology.com/cs/blogs/brian_knight/archive/2005/12/19/34.aspx
-- Brian Knight
|||If you store your packages to SQL Server, than you can use roles to grant and deny access to the packages. This is also a great approach if you wish to automatically execute packages because the integrations with Agent, the DTS Subsystem, and proxy accounts is all seamless.
I have an article here about SSIS security :
http://www.windowsitpro.com/Article/ArticleID/46723/46723.html
K
No comments:
Post a Comment