Q1) Can I prevent credentials from being copied into the MXD, yet still use connection files? e.g. I don't want any prompts for u/n and p/w Q2) How secure is the encrypted password in an MXD? Although this may be a moot point if merely passing around an MXD gets one access to all SDE data sources in it--sensitive info might easily be accessed this way without proper authorization. Q3) Why was the connection file behavior implemented this way? Evidently, most software products using connection files do not copy credentials into product files--they merely store a reference to the connection file. Q4) Is this behavior likely to change in the future? I haven't checked on 10, but at 9.3.1, credentials still seem to get copied into MXDs. Use operating system authentication if you can. Then MXDs and layer files files can be passed around without worry. There won't be any credentials stored and no prompts. Only the SDE layer that user has access to will be visible when the MXD is opened. I don't know of OSA works only when Microsoft SQL Server is the database. We are moving to a server new server where all users will be OSA. But right now on our current server we have a mix of both OSA and SQL logins. Some MXDs have been passed around and now have 2 or 3 credentials embedded. When opened it shows in SDE that 3 different users are connected. When I need to kick users off of SDE I don't know which of the 3, if any, is the real user connected.
... View more