1

Using the functions WinAPIServer::cryptProtectData() and WinAPServer::cryptUnprotectData() to store passwords in the database worked fine for a while.

Using this technique on an AOS-Cluster doesn't. Code stops execution on WinAPIServer::cryptUnprotectData() without any error-message.

Decrypting only works on the AOS where the Crpyting has been done. Retyping and crypting the password on AOS 2 ( where uncrypting doesn't work at this time ) leads to the fact that AOS 2 can uncrpyt, but AOS 1 not and vice versa. I found some infos regarding problems after changing password of the AOS-User, but the AOS-User is the same on both AOS-instances. So is the password. Are there any further unique IDs or something involved in crypting/uncrypting?

MSDN doesn't give me any helpful information...

Nico
  • 1,175
  • 15
  • 33

1 Answers1

1

You could take a look at how the password for the SMTP server in AX is stored. Also take a look at Why does table SysEmailSMTPPassword save the SMTP password per AOS instance? It seems the encryption depends on a windows registry value, which makes it dependent on the AOS.

FH-Inway
  • 4,432
  • 1
  • 20
  • 37
  • 1
    Thanks for the reply. On the linked resource, the thesis about the dependency between AOS-user/password and encryption is underlined. But as I mentioned in OP, the AOS-user/password is **identical** on both AOS. So I think, there's any other influence?! – Nico Jul 02 '14 at 10:58
  • 1
    Although the AOS-user and password are the same, the encryption key is probably different? – FH-Inway Jul 02 '14 at 14:59
  • That's exactly what I'd like to know for sure - not guessed ;) – Nico Jul 03 '14 at 12:42