Toad World® Forums

Change PWD on many connections automatically


#1

Hi,

Is there any chance that Dell make some tool that would update all saved passwords for named connections to something else.

We have a situation that users have 50-100 databases with 10-30 connections (schemas) on each db.
So when we have to change passwords, maintaining in Toad is practically impossible without manual work.

Hope you do realize that this should not be an security issue because we want to change passwords (not to read them somehow).

Thank you in front on reply.

Brg
Damir


#2

If I understand correctly, I’d also like to know how to do this.

In my case I have a 30-day expire policy that exists across 25 or so connections to about 15 databases (some dbs have multiple connections, the total picture is not as extensive as the original poster).

I’d like perhaps a command-line interface or scripting process that would allow me to either change my DB password and update the TOAD saved password, or change the DB password via TOAD, or something that would help keep my TOAD saved passwords in sync with the database. Right now it’s a tedious and error prone process to open each connection and type/paste in a new password every 30 days.

Any ideas would be appreciated. I’m running Toad for Oracle 12.6 and 12.12.


#3

Toad does not have this built in, but load your Connections.xml into a suitable text editor. Its default location is %APPDATA%\Quest Software\Toad for Oracle\12.12\User Files\Connections.xml. If you make a connection with your new password to one of the sessions first you can then copy its encrypted password value from the XML file and paste it across the other connections in the file. If all of your sessions share something in common like the schema name, a prefix/suffix in your database name, etc. you could do this with a regex/XSLT/XQuery to knock them all out at once.

If you go this route back the file up first and make sure you close Toad before editing.


#4

In mine xml file, for mine user on many databases, each connection has different encrypted pwd value. also it has different GUID.
So copy one encrypted pwd for the same user on one db to same user on other db was not working in mine case.
or I missed the point?


#5

each connection has different encrypted pwd value

This is OK. The same password will encrypt to a different value every time it is encrypted; the unencrypted data remains the same.

has different GUID

The GUID uniquely identifies a saved connection record for Toad’s purposes. It is unrelated here.

So copy one encrypted pwd for the same user on one db to same user on other db was not working in mine case.

I’m not sure why it doesn’t work for you. It’s working here. If you’re guessing that it shouldn’t work based on your prior observations please try it for yourself. I have two saved sessions. I changed the password for both outside of Toad and reconnected to one of them within Toad using the new password. I closed Toad, opened Connections.xml in Notepad++ and copy/paste the encrypted new password to the <password>...</password> value of my second connection. Saved the file, started Toad and all was well.


#6

Hi Michael,
you were right and I was wrong-it works now.
I am wondering can someone then use that connections.xml file on another pc under same domain user on same databases?
If I remember correctly this wa was not possible before according some hash keys based on workstation and domain username…could you please now clarify this: what is possible and what is not possibel with that connections.xml file?


#7

Could yo make an example, it would be really a nie help to all of us that needs to change a bunch of passwords.
Thx in front.


#8

The encryption for these is tied to your Windows account. This allows for changing between your own connections but will not work on another machine. Coincidentally we have some updates coming for this in our next release.


#9

There are many ways to tackle this. I absolutely love writing little utility apps and scripts to assist with chores that I encounter like this. If it were me I’d go with what I know and write a Delphi application or PowerShell script and use XPath to identify the passwords corresponding to the connections of interest and replace them that way. I’m more proficient with XPath than RegEx or other methods. If this was just a once in a while chore I’d probably hack through it and double check my work. For example, I’d backup my connections XML file and regex search for…

(?s-i)(<User>\s*<!\[CDATA\[YourUsername\]\]>\s*</User>.*?<Password>\s*)(\S+)(\s*</Password>)

…and replace with…

$1NEW_ENCRYPTED_PWD$3

I’d save the file and use ExamDiff or some other diff tool and verify my work. I’d then tweak as needed until I got the results I was looking for or at least got it close enough that with a minute or two of manual work I can finish it.

Note, I use Notepad++ and in my development work I use PCRE. That expression there works in those. If you use a different editor and it does not work you’ll need to roll your own expression compatible with the regex engine you’re using.


#10

Hi Michael,

Your instruction for regexp in Notepad++ doesn’t work for me. It replace new password but alse removes the whole part of search, so XML has not the same structure:


#11

Your new password text starts with a digit which interferes with the $1 backreference I used in my sample. Wrap it in parenthesis. e.g. $1(new_password)$3.


#12

Works like a charm-case closed!
Great and many thank you on this…
Brg
Damir