Execute Package Task error: Failed to decrypt protected XML node "DTS:Password"
I have a package (PackageA) with an Execute Package Task thatexecs PackageB. When I run PackageA Iget this error on the Execute Package Task :
Failed to decrypt protected XML node "DTS:Password" with error 0x8009000B "Key not valid for use in specified state.". You may not be authorized to access this information. This error occurs when there is a cryptographic error. Verify that the correct key is available.
PackageB has 'EncryptSensitiveWithUserKey' ProtectionLevel. I'm providing passwords in the dtsConfig so I'm guessing I should change it to 'DontSaveSensitive'?
Interestingly, PackageAalso has'EncryptSensitiveWithUserKey' ProtectionLevel, but I don't get an error about PackageA, just on the task that runs PackageB.
(SP1 is installed).
June 21st, 2006 1:44am
Al C. wrote:
PackageB has 'EncryptSensitiveWithUserKey' ProtectionLevel. I'm providing passwords in the dtsConfig so I'm guessing I should change it to 'DontSaveSensitive'?
Yes, since the data is configured somewhere else, DontSaveSensitive is correct choice.
Al C. wrote:
Interestingly, PackageAalso has'EncryptSensitiveWithUserKey' ProtectionLevel, but I don't get an error about PackageA, just on the task that runs PackageB.
The message is only raised when the package contains the actual protected data - passwords, connection strings that can't be decrypted. If the package had 'EncryptSensitiveWithUserKey' ProtectionLevel, but does not have any sensitive data, you will not see this message.
Free Windows Admin Tool Kit Click here and download it now
June 21st, 2006 5:26am
Thanks Michael. That explains it all!
June 21st, 2006 10:49pm
"I'm providing passwords in the dtsConfig "
How you did it?
Because if I used "DontSaveSensitive" I coundn't connect to my DB, I used xml config but password is blank, how I can save password?
Free Windows Admin Tool Kit Click here and download it now
January 15th, 2008 5:42am
You have to edit the .dtsconfig file yourself (using notepad) and add the password to the connection string.
January 15th, 2008 6:47am
but this way the password won't be protected... is there any other mechanism to avoid leaving the password readable ?
Free Windows Admin Tool Kit Click here and download it now
June 23rd, 2008 3:16pm
You can encrypt the folder where you store the configuration files. Or you can use the the EncryptSensitiveWithPassword option for the package ProtectionLevel property, but you'll have to supply a password to run the package.
June 24th, 2008 11:27pm
The best way is to encrypt with a password instead of the userkey, the password will be required when you deploy the SSIS package to the server and will maintain all your configurations with no changes.
Hope this helps.Moustafa Arafa
Free Windows Admin Tool Kit Click here and download it now
April 20th, 2010 10:52pm
You can encrypt the folder where you store the configuration files. Or you can use the the EncryptSensitiveWithPassword option for the package ProtectionLevel property, but you'll have to supply a password to run the package.
Hi jwelch
If we set the EncryptSensitiveWithPassword option, then we get the same error as mentioned in first post i.e
Failed to decrypt protected XML node "DTS:Password" with error 0x8009000B "Key not valid for use in specified state.". You may not be authorized to access this information. This error occurs when there is a cryptographic
error. Verify that the correct key is available.
July 4th, 2011 12:02pm