ECMA 2.0 Retrieval of Encrypted ConfigParameter value RRS feed

  • Question

  • Hi,

    I have developed an ECMA 2.0 for Oracle based database. One of the configuration parameter is Password developed using "ConfigParameterDefinition.CreateEncryptedStringParameter" The password value is retrieved using SecureValue during the Export and Import process without any issue. However, when I attempt to Refresh Schema, the GetSchema method is called by the Password's value seems to be empty (i.e. Length).

    Wondering if anyone ran into a similar issue...


    Thursday, June 21, 2012 2:21 PM

All replies

  • As I answered this thread, you must decrypt the parameter.

    Naohiro Fujie MVP for Forefront Identity Manager ( Jan 2010 - Dec 2012 )

    Tuesday, July 17, 2012 12:20 AM
  • Hi Naohiro, 

    Thank you for the suggestion. However, the issue I am running into is that the secure value retrieved from the encrypted password field in the GetSchema method is empty. 

    Retrieving the same secure value in the Begin Export and Import methods work no problem. And yes, I am able to marshal the password into a text to construct a database connection string. 


    Friday, July 20, 2012 8:07 PM
  • Hi,

    Hmm... I can get the encrypted value in GetSchema method.

    Here is my code.

    public Schema GetSchema(KeyedCollection<string, ConfigParameter> configParameters)
        logger("admin pwd:" + Decrypt(configParameters["Admin Password"].SecureValue));
    private string Decrypt(SecureString inStr)
        IntPtr ptr = Marshal.SecureStringToBSTR(inStr);
        string oStr = Marshal.PtrToStringUni(ptr);
        return oStr;

    Naohiro Fujie MVP for Forefront Identity Manager ( Jan 2010 - Dec 2012 )

    Saturday, July 21, 2012 10:48 AM
  • Hi!

    Any luck on this ? i seems to have the same trouble it works on import but not on schema refresh ? i'm i missing som patches

    Ulf Lindström

    Tuesday, October 9, 2012 5:47 AM
  • What specific version of FIM are you using?  It was a problem with the last version of FIM 2010 Rollup 2 that I tried -- no longer an issue on FIM 2010 R2 however.  I haven't been checking out any of the following R1 patches since...
    Tuesday, October 9, 2012 2:51 PM