How do you handle resetting passwords in pass-thru queries (Mainframe)

[Pack10]

I have a fairly large number of pass-thru queries that run via ODBC against an IBM Mainframe. My pass-thru's have my mainframe password hard-coded. Our mainframe requires a password change every 90 days. Additionally in my split applications I have to push out a new front end every time I change the password.
How do other developers facing the same issue deal with this.
In the past, we used to get around the password by having the help desk reset the password a few times....however they are now out of the loop and its done by an app.

 

[lameid]

Typically referred to as DNS-Less Connection.

Do not store the password in the SPT connection string. Then you use a piece of code to make a connection with the password.

Access Caches these DAO connection credentials for a server and database combination.

I have a URL in my code comments where I picked up the technique...

http://blogs.office.com/b/microsoft...ove-the-security-of-database-connections.aspx

The proxy server where I am sitting does not really want to resolve it... hopefully it is a good link still.

 

[Pack10]

Hi, thanks for the link.
If I build a function, how is it called, can I place the function name in the connect string of the property sheet where the
pass-thru hard coded string is???

 

[Pack10]

In my particular case, the users are actually using my db2 credentials to run the pass-thru. If I keep that in a table and have the login use these values, then my pass-thru queries will not need any connection string in the properties? If that's the case, then this is a great help to me maintenance wise.

 

[Pack10]

After giving this some thought, are you saying that once the connection string is loaded in startup, then i don't need
a connection string in each of my pass-thru queries.
that would be nic.

 

[lameid]

You need connection strings, you just don't need the user name and password in them.

Once you run the code once at startup, you do not have to worry about being prompted for the user and password everytime you use an object with a connection string.

 

[Pack10]

Do you think I could put a function name in the connect string.
This way the connection string would be inside the function.

 

[lameid]

You cannot do that for saved tables and queries. You can of course do that if you are talking about programatically connecting the object. I have such a function to establish ADO connections to create ADO commdands.

What would be the benefit be of using a function that way over a DNSless connection?

You could also set the connect property of the DAO querydef. Just be sure to also use the refreshlink method.

 

[Pack10]

Still a little confused. If I create a DSNless connection,
what do I need to have in the connection property of the pass-thru for ODBC Connect Str in the property sheet.

Is that now blank because the connection object on startup is open?

 

[lameid]

Did you read the link I posted?

You basically link everything WITHOUT saving the password.

Then when you programmatically connect once, the Server and Database credentials are cached from that one connection.

I believe the code in the link uses a SQL Server connection so you will have to change that to work with DB2.