1. Security Administration Guide
  2. Encrypting Database Proxy User Password Considerations

Encrypting Database Proxy User Password Considerations

  • Ensure that Site Key is already configured in the Enterprise Server's JDE.INI file, as Site Key is a prerequisite.

  • Because the encryption scheme is AES encryption with site key, you can identify this Encryption Type as 3 and Encryption Type 4 for unknown encryption.

  • If ONTHEFLYMIGRATION= true or 1 is set under [Security] section of the Enterprise Server's JDE.INI file, then all the existing database proxy user (encrypted with old scheme such as 3DES or XOR) stored in the System User Security table (F98OWPU) will be converted into AES encryption dynamically.

  • If you add a proxy user from Deployment Server, make sure to create the Site Key first and then add this new site key to the local JDE.INI file of the Deployment Server under the [SITE KEY] section as systems without an available Security Server, such as Deployment Server, the site keys are read directly from the local JDE.INI file and not from server's JDE.INI file.