Recover lost database credentials

system · November 17, 2011, 1:54pm

Method of extracting lost / forgotton credentials from Designer.

ExtractConnections.xls (c) J.Huntley 2011

Version History
---------------
V1.0  November 2011

Description
-----------
In an large Business Objects installation, connection credentials can often get lost or forgotton.
Usually, the only way to resolve this is to reset the database password. Unfortunately, this may cause
additional problems, particularly if the account is shared by another application or other BO connections.

As a result, there may be a legitimate need to recover lost credentials.
The encryption scheme used by Business Objects XI appears to be secure. Universe Designer, however, as part of the
process of displaying the connections dialog box queries the CMS for connection objects and creates a class instance
internally to hold all the details should the user wish to view or change them.

It appears from examining the heap of the designer process directly after the connections window is displayed that
each connection instance holds an XML fragment containing all the connection properties including the cleartext password.
I summise that this XML is probably what is used to exchange connection data with the CMS and that instance
variables may be used to interact with the GUI.

As Designer has helpfully filled its heap with easily identifiable cleartext credentials, it is relatively easy to
to extract these details and populate a spreadsheet with the connection properties.

Limitation: Connection name is not available. If you need this, InfoObjects is probably the best source.

Tested on XI3.1 SP3, may well work on other versions.
ExtractConnections.xls (99.0 KB)

RHuntley (BOB member since 2011-08-12)

system · November 17, 2011, 3:42pm

[Moderator Note: Moved from Semantic Layer / Universe Designer to BOB’s Uploads]

Marek Chladny (BOB member since 2003-11-27)

system · December 30, 2011, 3:28pm

Can I vote for this to be approved and moved to the downloads section? Although it’s a little scary that you can get the password like this, I find myself in this exact situation…taking over support of a universe that noone knows the connection password, and resetting the password is not an option for a variety of reasons.

ajunell (BOB member since 2004-05-03)

system · December 30, 2011, 3:50pm

If you would be happy to test this for me, feel free to drop me an email (should be visible in my profile).
It works on XIR3 SP3 but I haven’t had time to test on other platforms.

Regards,
Jason

RHuntley (BOB member since 2011-08-12)

system · January 18, 2012, 6:35pm

Moderator note:
Approved, and moved to BOB’s Downloads.

Marek Chladny (BOB member since 2003-11-27)

system · January 18, 2012, 8:59pm

Fascinating!!

Well done …and thanks for sharing of course.

Atul Chowdhury (BOB member since 2003-07-07)

system · January 18, 2012, 9:10pm

Maybe just one note:
C:\temp folder must exist before running the utility. The utility will not create it. If you still run it and C:\temp does not exist, you will get an error message.

Marek Chladny (BOB member since 2003-11-27)

system · January 18, 2012, 9:21pm

Hmm - I get a “Could not debug process” message.

Instructions were following as described in the worksheet.

It seems that this macro uses the windows debugger “ntds” that I don’t think ships with Windows 7.

When I get to modUtils and it creates “szCommandLine” defined as …

"ntsd -p 4776 -c ".dump -f c:\temp\designer.dmp ; q ""

…it stops.

Version: BOEXI3.1 SP3 FP3.2
Excel 2007, Macros Enabled
Windows 7 Professional 64 bit

I’ll give it a go on an XP machine when I get a moment. …

Atul Chowdhury (BOB member since 2003-07-07)

system · January 19, 2012, 8:22pm

Ah yes, it doesn’t work with Windows 7 I’m afraid due to the lack of ntsd as you’ve noted.

If you want to get it running, you can always use Task Manager or Process Explorer to dump designer’s memory and then load it that way.

You will have to alter my code to read the dump file instead of trying to create it. It’s a bit rough and ready so please feed back any improvements.

RHuntley (BOB member since 2011-08-12)

system · April 10, 2014, 7:49pm

Thanks RHuntley for this nice tool.

on Windows 7 machine, I’ve created dump file manually and modified the code to read this file instead of creating the dump in the utility using VBA. It worked very well.

If anyone is interested in knowing how to run it on Windows 7 machine, below are the steps

[list]
Launch Designer and Log into Designer using Administrator account
Launch Task Manager and select Designer in Process tab and right click and select Create dump file.
Open this Excel utility, and open the code under Sheet2 (instructions)
comment the following code

'If Not DumpMem(sFile, lProc) Then
’ MsgBox “Could not debug process”, vbExclamation, “Error”
’ Exit Sub
'End If

add following line of code
sFile = “”

Run the utility.
[/list]

Sree Konduri (BOB member since 2005-07-14)

system · April 30, 2014, 10:04am

Hi,

Its fetching only 33 connections for me. Is there any limitation set in the code?

Regards
Masood

mafta (BOB member since 2011-05-18)

system · August 5, 2014, 4:06pm

As scary as it is that this is even possible, I have to say that it’s saved my butt numerous times.

joepeters (BOB member since 2002-08-29)

system · March 5, 2015, 11:21am

Hi,

Do you have this utility for BI4.1?.

Thanks.

sat.dpi (BOB member since 2009-02-12)

system · June 9, 2015, 3:42pm

Can we use the same utility for BO4.0?
Do we need to add any library in the macro tpo get it work for BO 4.0?
Please suggest

Regards
Masood

mafta (BOB member since 2011-05-18)

system · April 6, 2016, 12:27pm

[quote:815a729cd9=“sat.dpi”]Hi,

Do you have this utility for BI4.1?.

Thanks.
[/quote]

It does work for BI 4.1 (SP5), but as I am on Win7, look into the thread: it needs a bit of modification in the script .

Yes, it is kind of scary that it works, but :

The danger is limited :
the thief of passwords needs :
access to your universes (1)
AND
Designer ( UDT ) on hir machine (2)
AND
cannot be trusted with the password(s) (3)
AND
find this tool (4)

OK, that last one is the easier part : start digging BOB DLD …
But as (1)+(2) almost imply NOT (3) … yes, you sometimes need to trust people too,
or they will quit and you have to train new universe designers.

RensH (BOB member since 2007-06-18)

system · April 6, 2016, 3:24pm

And (5) access to the database…

joepeters (BOB member since 2002-08-29)

system · April 6, 2017, 9:05am

Yes you can use it, I tested few minutes ago it on a Win7 client connected to a BI 4.0 Sp10 Fp3 environment and it runs fine!
Angy

abarbone80 (BOB member since 2017-04-06)

system · April 9, 2017, 6:25pm

It works with Windows 10 and 4.1 SP8, for what it is worth.

Nick Daniels (BOB member since 2002-08-15)

system · October 18, 2019, 2:01pm

For what its worth where is this magical utility. If there is a Windows 10 version can someone please post to the download section.

I will vote for it!!!

tenather (BOB member since 2002-08-29)