- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-06-2022 01:16 PM
I have a case where we had to change the password for the account we use for our Windows Discovery and SCOM connectors. For security reasons another team maintains the password and we do a screenshare for the enter the password into the credential.
They recently did this in our Production instance and I am trying to move it into our Pre-Production instances. I have the credential open and do the Export XML option. I then go into our Development instance and do the Import XML. When I import it, the credential will not work. It fails a credential test. But in Production that exact same credential passes just fine. Anyone have any ideas why this would not work?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-06-2022 02:00 PM
Hi, if the password is stored in a password1 type encrypted field (IE sys_user password field), then the encryption is 1 way and you cannot decrypt the field, only the system can.
If the field is a password2 type encryption field (like the credentials table password field), then I believe that you can decrypt the field within the instance, but I do not believe that it would be decrypted as part of xml export process and testing in a PDI indicates that the PW is not decrypted during xml export.
I believe that this is correct and expected behaviour, otherwise it would be a security risk,
//docs.servicenow.com/bundle/tokyo-platform-administration/page/administer/reference-pages/reference/r_FieldTypes.html
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-06-2022 02:00 PM
Hi, if the password is stored in a password1 type encrypted field (IE sys_user password field), then the encryption is 1 way and you cannot decrypt the field, only the system can.
If the field is a password2 type encryption field (like the credentials table password field), then I believe that you can decrypt the field within the instance, but I do not believe that it would be decrypted as part of xml export process and testing in a PDI indicates that the PW is not decrypted during xml export.
I believe that this is correct and expected behaviour, otherwise it would be a security risk,
//docs.servicenow.com/bundle/tokyo-platform-administration/page/administer/reference-pages/reference/r_FieldTypes.html
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-29-2024 11:53 AM
How do you know what type the credential field is?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-29-2024 01:05 PM
You can check the data type via dictionary or Configure > Table
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎11-12-2024 10:37 AM
