Changing SQL Certificates and/or Symmetric Keys

Similar Messages

• 2012 RDS + Gateway Certificate and and .local domains

  Can someone verify this is the correct process to stop all certificate errors. 
  RDS 2012 R2 deployment that is the following. 
  1 server with broker web and gateway roles installed. 
  3 session hosts. 
  Domain is a .local
  I want to stop all certificate errors. I have a certificate for the gateway/broker/web server gateway.xxx.com 
  I have had a look at the Change published FQDN for Server 2012 or 2012 R2 RDS Deployment script
  https://gallery.technet.microsoft.com/Change-published-FQDN-for-2a029b80
  Do i just need to run this script on the gateway/broker/web server and will this stop the mismatch errors fro the session hosts?
  Thanks

  Does SSO not work on less than this as I have some XP clients and 8.1 is not available for them. 
  Hi,
  To support older clients you need to have the wildcard certificate set on the RDP-Tcp listener on all RDSH servers.  To do this you must import the certificate and its private key into the Local Computer\Personal store on each RDSH server, and then
  use WMI to set the certificate.  The below command should be run on each RDSH in an elevated command prompt after you have imported the certificate and its private key:
  wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="e2f034c171b92afc96b23b7f4da15728c1e461a9"
  Substitute your certificate's thumbprint for the one shown above.
  Please note that you will not get the best experience with clients that are not at least RDP 8.0 capable, many features will not be available, and you may run into certain issues.  For XP you will want to install the RDP 7.0 client and make the registry
  changes on each client to enable CredSSP.
  Thanks.
  -TP

• Problem with Generate a certificate and Key

  I have a Cisco S370 and generated a certificate Key to block HTTPS pages.
  I require a CA signs the certificate generated by the Cisco S370, but the CA returns me an error and asks the key is changed to 2048, but I have no option to do this in the GUI, look in the CLI but can not find any option to change the HTTPS certificate key 2048
  You can change the certificate that was generated by the WSA S370 to 2048

  In addtition to Kush's response, we had a similar thread in the past. Please refer to:
  https://supportforums.cisco.com/message/3900340?referring_site=bss&channel=bdp#3900340
  Also, please note it would be advisable to refer to this Feature Request using Cisco Bug ID CSCzv70884 instead of
  86121.
  You can search for Bug IDs using Cisco Bug Search Tool :
  https://tools.cisco.com/bugsearch/
  From this tool, you can not only obtain info about the bug but also open TAC cases and Save the bug so you can get updates.
  Regards,
  -Valter

• HTTP Basic Auth and Username Authentication with Symmetric Key

  Hi,
  I have a webservice happily running on tomcat 5.5 using "Username Authentication with Symmetric Key" I have certificates setup and everything works fine. I can even connect a .net client and use the service.
  Now I have an additional requirement of authorization per operation basis so I'm planning on using the roles. My current setup uses tomcat-users.xml to configure users but I seem unable to identify the role of the user from within my code as wsContext.isUserInRole("briefing") always returns false even when it clearly isn't. Where wsContext = @Resource private WebServiceContext wsContext.
  So I figure perhaps I need to add HTTP Basic Auth to tomcat for it to gather this information so I added security-constraints to the web.xml and this seems to do the trick: at least it does for my .net client.
  If I do:
    Service service = new Service();
    Port client = service.getPort();
    BindingProvider bp = (BindingProvider)client;
    bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "myusername");
    bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "mypassword");Then it all works fine. However, I'd like a little less transparency: I don't want to have to do this every time I make a call.
  My question(s) is:
  1) Am I going about this the right way (perhaps I am somehow getting the incorrect reference to the WebServiceContext)
  2) If I am going about this the right way I imagine the whole BindingProvider code needs to be added to as a policy configuration but I'm really not sure where to start especially as I'm using wsimport to generate everything: I'm not even sure where to configure this so it will not get overwritter.
  Thanks for any help.

  Doh! Ok So I've added a SOAP Handler to automatically add the username and password for the HTTP Basic Auth.
  All in all does this setup sound right?

• Personal certificate and network key

  ok, I got my router to work.  Now I'm trying to access the internet through my PDA phone and it's saying I need a personal certificate to identify me and a network key. where do i find these things?

  In a separate note, you also wrote:
  "When I open up the 192.168.1.1 page, it brings me to wirespeed, the page for my modem, not linksys. And the reset button on the router dosent seem to do anything, even after i held it down for a full min."
  If you still have not gotten your router reset to factory defaults, use the procedure at the end of this note first, then procede with the following:
  If you are still having a problem getting your modem setup pages (and not your router) at 192.168.1.1  then your modem and router are probably set to the same address.  For now, disconnect the modem from the router, then, using a computer that is wired to your router, point your browser to 192.168.1.1  and enter your user name (if any) and password.  This will take you to your router's setup pages.  Change the router's "Local IP Address"  to 192.168.2.1 , then click on "Save Settings".  You will likely be disconnected.  This is normal.  Power down the router, then reconnect the two devices.  Later, you may wish to use a more ideal solution, by placing the modem into "bridge" mode, and then using the router to do all your router functions.
  The "network key" is most likely your wireless encryption key.  With WEP, this is "key 1".  With WPA or WPA2, this is the key (sometimes called "shared key" ).  What encryption method are you using?   Some PDA's will only do WEP.  Can yours do WPA or WPA2, or just WEP?
  To find your key, first, change the router's address to 192.168.2.1   Then, using a computer that is wired to the router, log into your router at 192.168.2.1  Then click on the wireless tab.  Look around, and find your encryption method (WEP, WPA, PSK, etc).  Near here, you will find the key. 
  The "personal certificates" are generally used by business for user authentication, ie. to prove your identity when you call in from across town or from another state.  You should not need a "personal certificate" simply to make a wireless connection to a Linksys home router.
  Who is your ISP?
  What is the make and model of your modem?
  What is the model and version of your router?
  PROCEDURE TO RESET ROUTER TO FACTORY DEFAULTS
  To reset your router to factory defaults, use the following procedure:
  1) Power down all computers, the router, and the modem, and unplug them from the wall.
  2) Disconnect all wires from the router.
  3) Power up the router and allow it to fully boot (1-2 minutes).
  4) Press and hold the reset button for 30 seconds, then release it, then let the router reset and reboot (2-3 minutes).
  5) Power down the router.
  6) Connect one computer by wire to port 1 on the router (NOT to the internet port).
  7) Power up the router and allow it to fully boot (1-2 minutes).
  8) Power up the computer (if the computer has a wireless card, make sure it is off).
  9) Try to ping the router. To do this, click the "Start" button > All Programs > Accessories > Command Prompt. A black DOS box will appear. Enter the following: "ping 192.168.1.1" (no quotes), and hit the Enter key. You will see 3 or 4 lines that start either with "Reply from ... " or "Request timed out." If you see "Reply from ...", your computer has found your router.
  10) Open your browser and point it to 192.168.1.1. This will take you to your router's login page. Leave the user name blank, and in the password field, enter "admin" (with no quotes). This will take you to your router setup page. Note the version number of your firmware (usually listed near upper right corner of screen). Exit your browser.
  If you get this far without problems, you will need to setup your router's "Internet Connection Type" manually.  You should not try to use the setup disk that came with the router.  Then you will need to change the router's address to 192.168.2.1 (return to the start of this post).
  If you cannot get "Reply from ..." in step 9 above, your router is dead.
  If you get a reply in step 9, but cannot complete step 10, then either your router is dead or the firmware is corrupt. In this case, use the Linksys tftp.exe program to try to reload your router with the latest firmware. After reloading the firmware, repeat the above procedure starting with step 1.
  If you have problem, please state the results of steps 9 and 10. Also, if you get any error messages, copy them exactly and report back.

• Certificate and Key Expiration information regarding your Access Control Service (ACS) 2.0 Namespace

  I've received an email from Windows Azure Team ([email protected]) with the above title. It suggests
  I 
  We are writing to inform you that certificates or keys related to one or more of your Namespaces are about to expire between July 8, 2012-November 8, 2012.
  Please find below the list of your Namespaces that need Certificate or Key rollover:
  fiftyeggs-cache
  These namespaces can be viewed by signing in to your Windows
  Azure portal subscription. After you have signed in you are redirected to the Management Portal page. On the lower left-hand side of this page, click Service Bus, Access Control & Caching. To see
  the registered namespaces under your subscription, under Services click Access Control/Service Bus/Caching.
  However, this is a cache-namespace which appears to be a Managed Namespace
  http://msdn.microsoft.com/en-us/library/gg185943.aspx and I don't believe there is any way of managing keys. Can anyone help or point me to the relevant article. I don't want the cache keys to expire (the site will die) but there doesn't appear to
  be any actions for me to take.

  Did you add a X509/Symmetric Key/Password based "Service Identities" (Re Carson Wa above). If not, my year
  is up on the 27th so I'll schedule for random failures! That will not keep my clients happy.
  Can you keep us informed of the progress of your ticket here please :-)
  I got an email from MS yesterday...
  We inadvertently sent an email message to you between June 12 and June 18, 2012, that
  described updating expiring certificates and keys in the Access Control Service (ACS) namespaces used by your Service Bus or Cache namespaces. The message referred to the following namespaces:
  fiftyeggs-cache
  The message was sent in error, and we sincerely apologize. No action is required.
  Did you get that?
  Andrew

• Java 1.5 PKCS11 and Symmetric Keys

  I am using the PKCS11 provider in Java 1.5 with a hardware device. I have had success in generating 256 symmetric AES keys and using an AES/CBC/NoPadding Cipher to encrypt and decrypt.
  I wish to generate a symmetric key within the device and use this key with the device to perform some encryption. The issue I am having is that I cannot seem to be able to get a handle on the hardware key in such a way as to be able to find the key again the next time the application is ran. The key is returning null for getFormat() and getEncoded(). toString() is providing enough information to tell what the key's ID is within the device and that the key is non exportable, in the token and sensitive. I cannot find a KeySpec that will let me specify the key ID for SecretKeyFactory to use to regenerate my Key.
  I have had some success when debugging in that if I generate a new Key within the device, halt program execution and change the ID of the newly created key object to point to the ID of the key that I want (using eclipse debugging), the key does in fact encrypt and decrypt correctly but this method leaves me with created keys within the device that I don't need and that I only used to hijack the ID pointer.
  What I am looking for is some method/KeySpec that I can populate with the ID and pass that to the SecreteKeyFactory that is returned via the PKCS11 provider and hit generateKey() and get my original Key object back.
  Does anyone have any experience with using persistent symmetric keys within a hardware device using the PKCS 11 Provider ?

  Your a life saver/___sbsstatic___/migration-images/migration-img-not-avail.png Thanks/___sbsstatic___/migration-images/migration-img-not-avail.png/___sbsstati c___/migration-images/migration-img-not-avail.png/___sbsstatic___/migration-imag es/migration-img-not-avail.png
  X-Server G5 and X-Server RAID    

• Up and down arrow keys are not working properly when using SQL CLI on Linux

  Every time I hit up, down, left, and right arrow keys to return to a previous sql command I got ^[[D, please any hints to fix this issue?
  The backspace works fine with me. I tried to use stty to fix this issue with no luck.
  Thanks
  Mohamed                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           

  Which SQL client and Linux version are we talking about?
  Assuming you are using the Oracle sqlplus client... it does not support command line editing and history using the arrow keys. For this to work you will have to install a product called Readline Wrapper. See my answer at the General Database forum:
  sqlplus command line editing

• How to change the font and colour of the PL/SQL Editor in forms

  Hi All,
  I am fed of viewing the small fonts in the PL/SQL Editor. I am feeling stress
  in my eyes daily...Please any body help me how to change the color and font
  of the PL./SQL editor in oracle forms 6i..Thanks in Advance...

  Hi
  Thanks for the reply..
  But I personally feel that Oracle people should have done this since
  any editor should allow us to change the font and colour...any way lets
  hope that in the future releases that may happen...
  Raghu

• I change my Pc and don't found my Original DVD from my Acrobat 9 STANDARD. I have the Key and found in Internet the Pro Version, but not the Standard Version. Where can i download the Standard Version?

  I change my Pc and don't found my Original DVD from my Acrobat 9 STANDARD. I have the Key and found in Internet the Pro Version, but not the Standard Version. Where can i download the Standard Version?

  Downloadable installation files available:
  Suites and Programs:  CC 2014 | CC | CS6 | CS5.5 | CS5 | CS4, CS4 Web Standard | CS3
  Acrobat:  XI, X | 9,8 | 9 standard
  Premiere Elements:  13 |12 | 11, 10 | 9, 8, 7
  Photoshop Elements:  13 |12 | 11, 10 | 9,8,7
  Lightroom:  5.7.1| 5 | 4 | 3
  Captivate:  8 | 7 | 6 | 5
  Contribute:  CS5 | CS4, CS3
  Download and installation help for Adobe links
  Download and installation help for Prodesigntools links are listed on most linked pages.  They are critical; especially steps 1, 2 and 3.  If you click a link that does not have those steps listed, open a second window using the Lightroom 3 link to see those 'Important Instructions'.window using the Lightroom 3 link to see those 'Important Instructions'.

• Changing sql server service and sql server agent service startup account in SQL Server hosting SharePoint DB

  Hi 
  i have a sharepoint deployment with one SQL Server (running on VM) hosting the config DB and another SQL Server (Physical Host because VM was running out of space) to host the huge Content DBs. I need to schedule automatic backups of the Content DBs to a
  network share. For that i need to run the SQL Server Service with an account having permissions to the share as suggested in https://support.microsoft.com/kb/207187?wa=wsignin1.0
  I tried changing the logon as a service account to a domain
  account which has permissions to the Network Share and is also in local Administrators group of SQL Server and has "public and sysadmin" roles in SQL Server but that caused an issue. the SharePoint Web Application started showing a White Screen so
  I had to revert back to the default accounts i.e. NT Service\SQLSERVERAGENT and NT Service\MSSQLSERVER. I viewed the event logs . These are the types of error i got after changing the logon as a service account to a domain account
  1) Information Rights Management (IRM): Retried too many times to initialize IRM client. Cannot retry more. Retried times is:0x5.
  System
  Provider
  [ Name]
  Microsoft-SharePoint Products-SharePoint Foundation
  [ Guid]
  {6FB7E0CD-52E7-47DD-997A-241563931FC2}
  EventID
  5148
  Version
  15
  Level
  2
  Task
  9
  Opcode
  0
  Keywords
  0x4000000000000000
  TimeCreated
  [ SystemTime]
  2015-02-02T04:46:04.750899500Z
  EventRecordID
  176477
  Correlation
  [ ActivityID]
  {8FACE59C-1E17-50D0-7135-25FDB824CDBE}
  Execution
  [ ProcessID]
  6912
  [ ThreadID]
  8872
  Channel
  Application
  Computer
  Security
  [ UserID]
  S-1-5-21-876248814-3204482948-604612597-111753
  EventData
  hex0
  0x5
  2)
  Unknown SQL Exception 0 occurred. Additional error information from SQL Server is included below.
  The target principal name is incorrect.  Cannot generate SSPI context.
  System
  Provider
  [ Name]
  Microsoft-SharePoint Products-SharePoint Foundation
  [ Guid]
  {6FB7E0CD-52E7-47DD-997A-241563931FC2}
  EventID
  5586
  Version
  15
  Level
  2
  Task
  3
  Opcode
  0
  Keywords
  0x4000000000000000
  TimeCreated
  [ SystemTime]
  2015-02-02T07:01:35.843757700Z
  EventRecordID
  176490
  Correlation
  [ ActivityID]
  {50B4E59C-5E3A-50D0-7135-22AD91909F02}
  Execution
  [ ProcessID]
  6912
  [ ThreadID]
  5452
  Channel
  Application
  Computer
  Security
  [ UserID]
  S-1-5-17
  EventData
  int0
  0
  string1
  The target principal name is incorrect. Cannot generate SSPI context.

  Hi Aparna,
  According to your description, you get the above two errors when scheduling backups of Content DB. Right?
  Based on those two error messages, they are related to the service principal name(SPN) for SQL Server service. Please verify the if the SPN is registered successfully. You can view it in ADSI Edit or use command line. Please see:
  http://blogs.msdn.com/b/psssql/archive/2010/03/09/what-spn-do-i-use-and-how-does-it-get-there.aspx
  When installing SQL Server, those two services below should be registered:
          MSSQLSvc/servername:1433      
          MSSQLSvc/servername
  Please check if those SPNs or duplicated SPNs exist. You can use command to reset SPN or remove duplicated SPN and add new one. See:
  Setspn.
  We have also met this issue when this SPN is registered under Administrator. Please try to register it under Computer. You can add it in ADSI Edit.
  If you have any question, please feel free to ask.
  Simon Hou
  TechNet Community Support

• Trying to set up encrypted mails but I'm confused about certificates and keys

  Hello all,
  My first foray into encrypted emails and I'm already confused! To begin with, I'm trying to exchange mails with one other person, who I believe uses Outlook. So far:
  He's sent me his certificate (although I thought I would receive his public key) which is a file called smime.p7m. I don't know what to do with this.
  I've successfully followed the instructions at https://support.mozilla.org/en-US/kb/digitally-signing-and-encrypting-messages. When I start a new mail, I can either go to the Enigmail menu and switch on encryption / digital signing and it seems fine, or I can go to the dropdown on the S/MIME button and it says "You need to set up one or more personal certificates before you can use this security feature." Are these two different ways of doing the same thing (in which case I'll use the one that works!) or not?
  As you can see, I'm getting confused between keys and certificates! If some kind person could take a minute to explain what my next steps are, that would be much appreciated. I couldn't find anything on the Thunderbird support pages, though I know I need to send him my public key.
  Thanks in advance.
  Stuart.

  Stuart8, good find, that article.
  I found the main disincentive to using the built-in S/MIME capability is that it's not immediately obvious where to get your certificate and keys. Most providers want $$$ for them, which is natural enough if they are actually going to validate you in some way. I did at one time have a Thawte certificate and even enough WOT vouches to be a low-grade WOT Attorney.
  Once you have your key, it's a bit of a pfaff to install it into Thunderbird. You'll probably find that S/MIME is the default in business correspondence, since many businesses operate their own mail servers, ftp servers and so on and probably have an arrangement to generate self-issued certificates or to buy them on a commercial basis from a CA.
  Enigmail/OpenPGP doesn't require any financial outlay on your part, but is harder to get your keys properly validated since there's not much of a formal WOT nor a reliable central registry. You generate your own keys and it's pretty much all based on mutual trust.
  Since the two systems are incompatible, you need to have set up the same as whatever your correspondent is using.
  I suspect that you have discovered that it's a two-way process. In order for a correspondent to send you an encrypted message, you must both be using the same system, and he must have your public key to encrypt his message, and you'll need his in order to reply with encryption. So yes, he needs to send you his public key for you to send to him, but what he sends to you needs YOUR public key.
  Obviously, signing messages is a useful halfway house. I believe that you sign with your private key, and the recipient will have to download your public key to validate your signature. Whilst a signature doesn't safeguard your privacy, it goes some way to proving that the message came from who it says it came from and that it hasn't been altered in transit. (I really can't understand why banks, lawyers, insurance companies haven't picked up on these encryption and signing schemes. Perhaps they actually prefer all those awful phone calls where you need to struggle to recall supposedly unforgettable names and dates! ;-) )
  In practice, I find that if you sign a message to an outfit who don't know what to do with it, their numpty anti-virus system will probably barf on the signature which it thinks is executable code and therefore must be a virus or worm. :-(

• Dynamically change the db and server in execute sql task

  Pkg 2: Moves data from B_STG (Staging DB) to B_Det_STG (Staging DB)  ---- option1
  Pkg 3: Moves data from B_STG (Staging DB) to B_Det (PC DB)   ---- option2
  This part is duplicating in both the packages
  So they want me to merge both of them into in execute sql task and dynamically change between option1 and option2 depending on a pkg level variable.
  So, I create a pkg level variable called ExecutionVariable: 'ANALYSIS' or 'LOADING'
  If 'ANALYSIS' it needs to do option1 else option2.
  So, I ma trying to create a dynamic connection string in execute sql task.
  I change the connection property in execute sql task editor dynamically my giving the expression: @[User::ExecutionVariable] == "ANALYSIS"?  @[User::STAGINGDBConnectionString] :  @[User::PCDBConnectionString]
  which evaluates to : Data Source=AW-ETL-D1;Initial Catalog=Staging;Integrated Security=SSPI;Provider=sqloledb
  But when I run the sql task, its giving me an error: 
  ERROR:
  TITLE: Microsoft Visual Studio
  Nonfatal errors occurred while saving the package:
  Error at PC_DataLoad: The connection "Data Source=AW-ETL-D1;Initial Catalog=Staging;Integrated Security=SSPI;Provider=sqloledb" is not found. This error is thrown by Connections collection when the specific connection element is not found.
  Error at PC_DataLoad: The connection "Data Source=AW-ETL-D1;Initial Catalog=Staging;Integrated Security=SSPI;Provider=sqloledb" is not found. This error is thrown by Connections collection when the specific connection element is not found.
  Can u please help me.

  Hi ,
  Don't try to make the "Execute Sql" task as dynamic.
  Try to make OLEDB connection Manager as "Dynamic".
  Steps:
  1. Create OLE DB Connection pointing to any database then set expression to connection string variables like below.
  Provider=SQLNCLI10.1;Integrated Security=SSPI;Initial Catalog=YourDBname;Data Source=YourServerName.
  2. Make Delayed Validation property to "True".
  3. Set the created dynamic OLE DB connection to your Execute SQL task.
  4. Change the connection string variable accordingly before running the "Execute SQL" task.
  Hope it will help you.
  Regards,
  Nandhu

• Copy the SQL Binaries and Data to another drive and then change the drive letter to previous drive letter

  Hi All,
  We have SQL Server 2012 SP1 installed on E drive (which means SQL Binaries, Database and LOGs) are in the same drive E, we are not able to backup the SQL Server because according to Backup Vendor their is a problem with the DISK E which is why the backup
  is not successful, We have added one more drive with the same space, we have stopped SQL Server services and copy each and every thing from E drive to new drive and changed the current E Drive to K and changed the new drive to E, after that when we tried to
  start SQL Service but it was not starting, we have again reverted back the original drive to E and service was successfully started, please note here that SQL server service logon is NT service / local service. Please help us that how to do achieve this as
  we are using the same E drive and OS should not know any thing. Please help us to copy and then change the drive letter to E so that we can delete the old drive.
  Thanks
  If answer is helpful, please hit the green arrow on the left, or mark as answer. Salahuddin | Blogs:http://salahuddinkhatri.wordpress.com | MCITP Microsoft Lync

  We have stopped SQL Server services and copy each and every thing from E drive to new drive and changed the current E Drive to K and changed the new drive to E, after that when we tried to start SQL Service but it was not starting,
  You should not have done this. Even if you install complete SQL Server on Separate dedicated drive few binaries would always go on system drive that is C drive so your idea of moving files to other drive would sure create a problem. As a fact you cannot
  move SQL Server complete installation from one drive to other apart from uninstalling and reinstalling again.
  Copy it back an hope fully you would be able to restart. Why should you take a product which allows you to change sql server drive its a bad product. I guess backup engineer does not how to configure backup agent
  Please mark this reply as answer if it solved your issue or vote as helpful if it helped so that other forum members can benefit from it
  My Technet Articles

• Problem changing SQL data source at runtime with VB6 and CR XI

  Hello All,
  We have several VB6 programs using CR XI and are able to pass a DSN to change data source with Access DB that works just fine.
  We are using similar code in another program to change the data source in an SQL DB and get an error... Failed to Open the Connection.
  This is a sample of what works with Access but not SQL DB:
  Dim crxApplication As New CRAXDRT.Application
  Public Report As CRAXDRT.Report
  Global DSN_STRING
  DSN_STRING = "DSN = JC Crystal Reports"
  Dim crxDatabaseTable As CRAXDRT.DatabaseTable
  Set Report = crxApplication.OpenReport(App.Path & "\Test11.rpt", 1)
  'change location of each table in report
  For Each crxDatabaseTable In Report.Database.Tables
          crxDatabaseTable.Location = DSN_STRING
  Next crxDatabaseTable
  FormCrystal.Show vbModal
  We have tried other things from the web, still get error.
  Any help would be greatly appreciated.
  C Reid

  Hi Carole,
  When using SQL types you need more than just the DSN name. CR does keep the password in the report file and all SQL types are usually password protected.
  Try this simple code:
  First log onto the server:
  rpt.database.LogOnServerEx("crdb_odbc.dll, pServerName, [pDatabaseName], [pUserID], [pPassword], [pServerType], [pConnectionString])
  The ConnectionString is the complete line. Run in debug mode and display what the reprot is using and you can see the format it requires.
  Once logged on now you can set the location for each table:
  'report connection properties
          With rpt.Database.Tables(1)
              .ConnectionProperties("User ID").Value = "sa"
              .ConnectionProperties("Password").Value = "YourPassword"
              .ConnectionProperties("Data Source Name").Value = "Your DSN Name"
              '.ConnectionProperties("Data Source Name").Value = "ServerName" ' can be used if specifying a new connection
              .ConnectionProperties("Database").Value = "Northwind"
          End With
          Set rpt.Database.Tables(1).Location = "Northwind.dbo.CustOrderHist"
  I'm only using one table so easy enough to create the loop or use for all...
  Thank you
  Don