Siebel Security Guide > Changing and Managing Passwords >

About Encryption of Gateway Name Server Password Parameters

The siebns.dat file stores information required by the Siebel Gateway Name Server. This includes operational and connectivity information as well as configuration information for the Siebel Enterprise and Siebel Servers. If a Gateway Name Server configuration parameter requires a password value, then the Siebel encryptor writes the password to the siebns.dat file in encrypted format.

NOTE:  End user passwords are not specified as Gateway Name Server parameter values and are not stored in siebns.dat.

In the current release, passwords in siebns.dat are encrypted using the AES algorithm. The encryptor generates the encrypted password using an encryption key that is unique to each parameter. The encryption key itself is generated based on repository information.

If you choose, you can use Siebel Strong Encryption to increase the encryption key length for encrypting passwords. If you do increase the encryption key length for encrypted passwords in siebns.dat, then the passwords have to be encrypted again using the new key. For a list of some of the password parameters that are encrypted in siebns.dat, and for information on how to reencrypt them, see Reencrypting Password Parameters in the Siebns.dat File.

Upgrading to Siebel CRM

In Siebel CRM Innovation Pack 2014, passwords in the siebns.dat file are encrypted using AES encryption. If you are upgrading to the current release, once the patch installation is completed, you must reset encrypted passwords in the siebns.dat file so that they now use AES encryption. For information on performing this task, see Reencrypting Password Parameters in the Siebns.dat File.

NOTE:  When you upgrade to the current release, the Siebel Server system service password, which is required to connect the Siebel Server to the Gateway Name Server, is automatically reencrypted using AES encryption. The Gateway Name Server Password parameter, which is set at the Siebel Enterprise level, is also automatically reencrypted. You do not have to reencrypt these passwords manually.