Method of extracting lost / forgotton credentials from Designer.
ExtractConnections.xls (c) J.Huntley 2011
V1.0 November 2011
In an large Business Objects installation, connection credentials can often get lost or forgotton.
Usually, the only way to resolve this is to reset the database password. Unfortunately, this may cause
additional problems, particularly if the account is shared by another application or other BO connections.
As a result, there may be a legitimate need to recover lost credentials.
The encryption scheme used by Business Objects XI appears to be secure. Universe Designer, however, as part of the
process of displaying the connections dialog box queries the CMS for connection objects and creates a class instance
internally to hold all the details should the user wish to view or change them.
It appears from examining the heap of the designer process directly after the connections window is displayed that
each connection instance holds an XML fragment containing all the connection properties including the cleartext password.
I summise that this XML is probably what is used to exchange connection data with the CMS and that instance
variables may be used to interact with the GUI.
As Designer has helpfully filled its heap with easily identifiable cleartext credentials, it is relatively easy to
to extract these details and populate a spreadsheet with the connection properties.
Limitation: Connection name is not available. If you need this, InfoObjects is probably the best source.
Can I vote for this to be approved and moved to the downloads section? Although it’s a little scary that you can get the password like this, I find myself in this exact situation…taking over support of a universe that noone knows the connection password, and resetting the password is not an option for a variety of reasons.
on Windows 7 machine, I’ve created dump file manually and modified the code to read this file instead of creating the dump in the utility using VBA. It worked very well.
If anyone is interested in knowing how to run it on Windows 7 machine, below are the steps
Launch Designer and Log into Designer using Administrator account
Launch Task Manager and select Designer in Process tab and right click and select Create dump file.
Open this Excel utility, and open the code under Sheet2 (instructions)
comment the following code
'If Not DumpMem(sFile, lProc) Then
’ MsgBox “Could not debug process”, vbExclamation, “Error”
’ Exit Sub
It does work for BI 4.1 (SP5), but as I am on Win7, look into the thread: it needs a bit of modification in the script .
Yes, it is kind of scary that it works, but :
The danger is limited :
the thief of passwords needs :
access to your universes (1)
Designer ( UDT ) on hir machine (2)
cannot be trusted with the password(s) (3)
find this tool (4)
OK, that last one is the easier part : start digging BOB DLD …
But as (1)+(2) almost imply NOT (3) … yes, you sometimes need to trust people too,
or they will quit and you have to train new universe designers.