I wrote a program that reads the UserPrincipal of a user in our Active Directory via PrincipalContext. For this, authentication as a privileged user is needed. At the moment the password for this authentication is saved as plaintext in the source code. For security reasons, an encrypted password should be saved in the source code or in a different file. Is there a way to solve this?
    using System.DirectoryServices.AccountManagement;

    const string domain = "";
    const string rooOrganizationalUnit = "";
    const string adDomain = "";
    const string adUserName = "";
    const string adPassword = "";   // plaintext credential in source: the problem being asked about

    private static PrincipalContext GetPrincipalContext()
    {
        // Bind to the domain as the privileged account (user@domain) using Negotiate.
        PrincipalContext principalContext;
        principalContext = new PrincipalContext(ContextType.Domain, domain, rooOrganizationalUnit, ContextOptions.Negotiate, adUserName + "@" + adDomain, adPassword);
        return principalContext;
    }
(This snippet of code is originally taken from this site)
You don't want to store this in code, either encrypted or not. One approach is to shift sensitive data off to a config file, type passwords in production only, and encrypt that section in the application.
In a config file
    <configuration>
      <appSettings>
        <add key="adPassword" value="this should be empty in source control" />
      </appSettings>
    </configuration>
In code
    // Not const: the value is read at run time (needs using System.Configuration;)
    static readonly string adPassword = ConfigurationManager.AppSettings["adPassword"];
Notes
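The "encrypt that section in the application" step from the answer above, as an added example that is not part of the original answer. It assumes a .NET Framework application with an App.config file; `ConfigProtector`, `EnsureAppSettingsEncrypted` and `GetAdPassword` are hypothetical names.

```csharp
using System;
using System.Configuration;

static class ConfigProtector
{
    // DPAPI-backed provider that ships with .NET Framework. With its default
    // settings the ciphertext is bound to the machine it was produced on.
    const string Provider = "DataProtectionConfigurationProvider";

    // Hypothetical helper: encrypts <appSettings> in the running application's
    // .config file. Call it once on the production host, after the real
    // password has been typed into the file there.
    public static bool EnsureAppSettingsEncrypted()
    {
        Configuration config =
            ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
        ConfigurationSection section = config.GetSection("appSettings");

        if (section == null)
            throw new ConfigurationErrorsException("appSettings section not found");
        if (section.SectionInformation.IsProtected)
            return false; // already encrypted, nothing to do

        section.SectionInformation.ProtectSection(Provider);
        section.SectionInformation.ForceSave = true;   // write even if values are unchanged
        config.Save(ConfigurationSaveMode.Modified);
        ConfigurationManager.RefreshSection("appSettings");
        return true;
    }

    // Reads do not change: ConfigurationManager decrypts the section transparently.
    public static string GetAdPassword()
    {
        string value = ConfigurationManager.AppSettings["adPassword"];
        if (string.IsNullOrEmpty(value))
            throw new ConfigurationErrorsException("adPassword is not set in the config file");
        return value;
    }
}
```

With the provider's default machine-level protection, the encrypted file cannot be decrypted when copied to another host, but any process on the same host that can read the file can still decrypt it. Restrict the config file's ACL to the account the program runs as.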