Community
FAQ Community User guide Contact Customer Info
Post Reply
Catalin
Posts: 6598
Joined: Wed Jun 13, 2018 7:49 am

Re: Service User Account Password Masked

Hello Prerak,

Please accept my apologies for the delayed reply.

Unfortunately, this indeed seems like a vicious cycle from which it's hard to get away.

However, we got here due to this:
As a result of this the password was set in plain text in registry and during upgrade it was trying to decrypt an uncrypted value and hence was failing.
A workaround to this issue here would be to not try decrypting the uncrypted values (simply get the plain text values) during the upgrade process. If you do not try to decrypt the uncrypted values, the service should get its parameters and start as expected.

Hope this helps somehow.

Best regards,
Catalin
Catalin Gheorghe - Advanced Installer Team
Follow us: Twitter - Facebook - YouTube
prerak6962
Posts: 112
Joined: Mon Dec 08, 2014 5:26 pm

Re: Service User Account Password Masked

Hi Catalin,

Unfortunately, it's a user password. So I do not want to store it as a plain text in the registry.
This is the reason I am using it as a "Secure Property".

The use case is pretty simple:
- Launch a service as a particular user whose credentials (username & password) are provided during the installation time
- Do not ask for the user credentials again during an upgrade

If there is any other secure way to achieve this, I would be happy to explore it.
If not, could you please forward this to your development team, in case they have some idea or may be a way to achieve this.

Thanks.
Prerak
Catalin
Posts: 6598
Joined: Wed Jun 13, 2018 7:49 am

Re: Service User Account Password Masked

Hello Prerak,

So basically we have here three variables: the "AI_SecureProperty", "StartServices" and "WriteRegistryValues" actions.

The correct order in which the update process can be done is the following: StartSerices --> AI_SecureProperty --> WriteRegistryValues.

The problem encountered here is the fact that your service, on a first time install will need to read some values from the registries, am I right? If that information is not sensitive i.e. a password, then maybe we can create a custom action which will write those parameters to the registries, so the service can retrieve them during the installation. We can then schedule this custom action to execute before the StartService standard action using the "Table Editor" as we have done previously.

Please let me know what you think of this workaround and if you need any help in achieving it and I will be glad to assist.

Best regards,
Catalin
Catalin Gheorghe - Advanced Installer Team
Follow us: Twitter - Facebook - YouTube
Post Reply

Return to “Common Problems”