Suggestions for Scheduled Tasks to call OSQL without hard-coding cleartext password

Question

Can anyone think of any techniques where i can have a Windows scheduled task run OSQL, but not have to pass the clear-text password with cleartext password being in the clear? E.g.:

>osql -U iboyd -P BabyBatterStapleCorrect

Assumption: No Windows Authentication (since it's not an option)

i was hoping there was a

>OSQL -encryptPassword "BabyBatterStapleCorrect"
>
> OSQL
> Encrypted password: WWVzIGkgd2FudCB0byByYXBlIGJhYmllcy4gQmlnIHdob29wLiBXYW5uYSBmaWdodCBhYm91dCBpdD8=

And then i could call OSQL with:

>osql -U ian -P WWVzIGkgd2FudCB0byByYXBlIGJhYmllcy4gQmlnIHdob29wLiBXYW5uYSBmaWdodCBhYm91dCBpdD8=

But that's not something Microsoft implemented.

score 1 · Accepted Answer · edited May 23 '17 at 12:41

1

Information about whether the logon process in OSQL is secure or not seems to be sketchy and contradictory (see here)

I think SQLCMD supports SSL encryption which would prevent the password being sniffed over the wire - but if you're storing the password in a script or something and you're worried about prying eyes, encrypt it and decrypt it yourself before passing it to SQLCMD.

edited May 23 '17 at 12:41

Community

1

answered Sep 14 '12 at 18:35

Chris McKeown

7,198

Suggestions for Scheduled Tasks to call OSQL without hard-coding cleartext password

1 Answers1