Batch reporting capability?

mvsgeek
2007-07-15
2012-09-17
  • mvsgeek

    mvsgeek - 2007-07-15

    Pardon my noobieness, I searched diligently without success before posting this...
    I'd like to be able to schedule a batch job, to run let's say weekly, which will generate a text file showing all accounts whose passwords are about to expire. This would make life a lot easier for our DBA group.
    Thanks in advance.

     
    • Rony Shapiro

      Rony Shapiro - 2007-07-15

      Hi,

      At first thought, I liked this idea a lot. However, I see a dilemma in implementing it. Either:

      1. If the batch command can be run without prompting for the master password, then anyone can run it, and gain potentially useful information (e.g., the usernames of the accounts about to expire). Some environments would consider this a security weakness.
      2. OTOH, if the application requires the master password to generate the report, then the "batchiness" property is lost.

      So I'm afraid that currently I don't see a way to implement this in a useful yet secure manner.

      Rony

       
      • mvsgeek

        mvsgeek - 2007-07-15

        Rony, thanks for the quick response. I realize the implications of embedding passwords in batch files, it's unfortunately necessary for some of our applications, but always as a last resort. Initially when we implemented Password Safe it was simply intended as a convenient central password repository, but now the added features open up more possibilities. What I was looking for in this case was be a more elegant solution than our existing method of querying many databases every week and generating a warning email to the appropriate DBA.

        fyi Password Safe and all associated files are installed on a secure network drive to which only a small group has access.

        -mvsgeek

         
  • Anonymous - 2011-09-07

    Rejoining this discussion... could it be possible to get at the "unsecure"
    data (i.e. pretty much everything but the passwords) in batch mode? I
    understand it would take some serious tweaking, but it would be useful to have
    reports like the one mentioned there. We currently double-maintain our list of
    UserIDs elsewhere and it would be preferable to just generate a list them on
    demand. Our solution is also already secured to a small group of people.

     
  • DrK

    DrK - 2011-09-07

    As Rony said - currently we don't see a way to implement this in a useful yet
    secure manner. However, you can always open the database and export it to a
    plain text or XML file and make sure that you do not export the passwords (via
    the Advanced selection feature) and then process these clear text files.

    David

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks