DTSProtectionLevel Enumeration (Microsoft.SqlServer.Dts.Runtime)

DTSProtectionLevel Enumeration

Switch on low bandwidth view

Community Content

In this section

Statistics Annotations (0)

Click here to expand

Collapse All

Language Filter

Other versions are also available for the following:

SQL Server 2005

DTSProtectionLevel Enumeration

Controls the handling of sensitive information in the package.

Namespace: Microsoft.SqlServer.Dts.Runtime
Assembly: Microsoft.SqlServer.ManagedDTS (in microsoft.sqlserver.manageddts.dll)

Syntax

Visual Basic (Declaration)

Public Enumeration DTSProtectionLevel

public enum DTSProtectionLevel

C++

public enum class DTSProtectionLevel

public enum DTSProtectionLevel

JScript

public enum DTSProtectionLevel

Members

Member name	Description
DontSaveSensitive	Sensitive information is not saved in the package. The sensitive information is removed and replaced with blanks.
EncryptAllWithPassword	Encrypts the entire package by using a password.
EncryptAllWithUserKey	Encrypts the entire package by using keys based on the user profile. Only the same user using the same profile can load the package.
EncryptSensitiveWithPassword	Encrypts only sensitive information contained in the package by using a password. DPAPI is used for this encryption.
EncryptSensitiveWithUserKey	Encrypts the entire package by using keys based on the current user. Only the same user using the same profile can load the package. If a different user opens the package, the sensitive information is replaced with blanks. DPAPI is used for this encryption.
ServerStorage	Encrypts the package within a SQL Servermsdb database. This option is supported only when a package is saved to SQL Server. It is not supported when a package is saved to the File System. The access control of who can decrypt the package is controlled by SQL Server database roles. For more information, see Database-Level Roles and sysssispackages (Transact-SQL).

Remarks

When using the value DontSaveSensitive, if sensitive information is contained in a package, this sensitive information is not saved. This is the default value.

For all values, sensitive information is defined as:

The password portion of a connection string. However, if you choose an option that encrypts everything, the entire connection string will be considered sensitive.
The task-generated XML nodes that are tagged with the Sensitive attribute.
Any variable marked with the Sensitive attribute.

If you have sensitive information in a configuration file, you should save it to Microsoft SQL Server, or use an access control list (ACL) to secure the location or folder. For more information, see Creating Package Configurations.

For more information on setting package protection levels, see Setting the Protection Level of Packages.

Encryption is done by using two methods. The Microsoft Data Protection API (DPAPI), which is part of the Cryptography API (Crypto API), is used for the protection levels of EncryptAllWithUserKey and EncryptSensitiveWithUserKey. The TripleDES class is used for the protection levels of EncryptAllWithPassword and EncryptSensitiveWithPassword.

For more information, see TripleDES Class in the .NET Framework Class Library.

Example

The following example loads a package, and then retrieves several package properties, including the ProtectionLevel assigned to the package.

Class PackageTest
    {
        static void Main(string[] args)
        {
            // The variable pkg points to the location of the
            // ExecuteProcess package sample
            // installed with the samples.
            string pkg = @"C:\Program Files\Microsoft SQL Server\100\Samples\Integration Services\Package Samples\ExecuteProcess Sample\ExecuteProcess\UsingExecuteProcess.dtsx";
            
            Application app = new Application();
            Package p = app.LoadPackage(pkg, null);
    
            // Once the package is loaded, this sample can
           // query on several properties
            long cc = p.CertificateContext;
            string cfn = p.CheckpointFileName;
            DTSProtectionLevel pl = p.ProtectionLevel;
            DTSPackageType dpt = p.PackageType;

            Console.WriteLine("CertificateContext = " + cc);
            Console.WriteLine("CheckpointFileName = " + cfn);
            Console.WriteLine("ProtectionLevel = " + pl);
            Console.WriteLine("PackageType = " + dpt);
        }
    }

Visual Basic

Class PackageTest
    {
        Shared  Sub Main(ByVal args() As String)
            ' The variable pkg points to the location of the
            ' ExecuteProcess package sample
            ' installed with the samples.
            Dim pkg As String =  "C:\Program Files\Microsoft SQL Server\100\Samples\Integration Services\Package Samples\ExecuteProcess Sample\ExecuteProcess\UsingExecuteProcess.dtsx" 
 
            Dim app As Application =  New Application() 
            Dim p As Package =  app.LoadPackage(pkg,Nothing) 
 
            ' Once the package is loaded, this sample can
           ' query on several properties
            Dim cc As Long =  p.CertificateContext 
            Dim cfn As String =  p.CheckpointFileName 
            Dim pl As DTSProtectionLevel =  p.ProtectionLevel 
            Dim dpt As DTSPackageType =  p.PackageType 
 
            Console.WriteLine("CertificateContext = " + cc)
            Console.WriteLine("CheckpointFileName = " + cfn)
            Console.WriteLine("ProtectionLevel = " + pl)
            Console.WriteLine("PackageType = " + dpt)
        End Sub
    }

Sample Output:

CertificateContext = 0

CheckpointFileName =

ProtectionLevel = EncryptSensitiveWithUserKey

PackageType = Default

Platforms

Development Platforms

Target Platforms

Reference