Just Wondering if anyone else noticed

I did a quick search here to see if it had been mentioned, but I don’t see anything so…

I was trying to create a new E10 DB. It was the same name as a previous one I had made and had deleted, but I was having trouble creating it. I couldn’t seem to get the SQL permissions right; the process kept trying to connect to SQL with an old username and password I had changed, even though everything had the new username and password in the Admin Console.

I finally figured out why, and am actually a little bothered by it.

Just because you’re paranoid doesn’t mean they aren’t out to get you.

Epicor stores the username and password of any SQL user you use to create a database in a plain text xml file stored on the C drive.

The initial file out of the box is about 45KB; however, every time you create a DB, whether test, E9 migration, or blank, it adds all the information used to this XML file, thus increasing its size by 8-10KB each time.

C:\Program Files (x86)\Common Files\Epicor Software\Database Manager Extensions\3.2.300\DB Migration\MigrationTask,XML

This will have the full configuration for every database you have created since installation of your Epicor 10 system. It even includes the full connection information for the test DBs at Epicor; apparently they use the sa password Epicor123 on their system, and their test system DB admin is a Marvel fan.

Maybe I am smart? Maybe I am paranoid? Maybe I am insane? I now have an empty copy of this with only the “default” options in it, and I now overwrite it each time I create a new DB for any reason.

Example from the file:

Magneto_SQL2016_RL10.2.300.0Golden ExportERPSeed server=Magneto\SQL2016;database=RL10.2.300.0Golden;user=sa;password=Epicor123;Trusted_Connection=false;;Max Pool Size=100; Pooling=true; connection timeout=100; MultipleActiveResultSets=True server=Magneto\SQL2016;database=RL10.2.300.0Golden;user=sa;password=Epicor123;Trusted_Connection=false;;Max Pool Size=100; Pooling=true; connection timeout=100; MultipleActiveResultSets=True C:\_projects\ERP\RL10.2.300.0\Deployment\DB Scripts\ERP Scripts UDFieldsMigration.xml true false false G:\SQLDB 10 true 10 % true 10 E:\Tranlogs 1 true 10 % true 10 50 false false mdy E9DBMapping.xml false 4 240 0 10000 60 false G:\SQLDB 10 true 10 % true 10 E:\Tranlogs 1 true 10 % true 10 true C:\Program Files\Microsoft SQL Server\MSSQL13.SQL2016\MSSQL\LOG\

The only passwords in that file that aren’t blank are the ones for the Epicor-supplied DBs.

As opposed to the ones I created…

Maybe it’s a SQL 2014 vs 2016 thing? My SQL 2016 had them in there and the one I created about 2 hours ago had them in there as well.

I also use SQL authentication, not Windows Authentication.

Ahhh … this might be it. We use Windows Auth.
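One way to check a file like the one discussed in this thread for stored SQL logins, as an added example that is not part of the original posts or Epicor's code. The XML element names and all sample values are constructed; only the `key=value;` connection-string layout follows the excerpt above. Found passwords are never printed, and `blank_secrets` empties them the way Windows Auth entries already appear.

```python
import re
import sys

# Element text that starts at "server=" and runs to the next tag.
CONN_RE = re.compile(r"server\s*=[^<>]*", re.IGNORECASE)
# A non-empty password/pwd value; group 1 keeps the "password=" prefix.
SECRET_RE = re.compile(r"((?:password|pwd)\s*=\s*)[^;<>\s][^;<>]*", re.IGNORECASE)
SECRET_KEYS = ("password", "pwd")

# Constructed sample: one SQL-auth entry, one Windows-auth entry (blank login).
SAMPLE = r"""<Tasks>
  <Task>
    <Source>server=SQLHOST01\SQL2016;database=TestDB;user=sa;password=Example-Passw0rd;Trusted_Connection=false;</Source>
  </Task>
  <Task>
    <Source>server=SQLHOST01\SQL2016;database=ProdDB;user=;password=;Trusted_Connection=true;</Source>
  </Task>
</Tasks>
"""

def parse_conn(conn):
    """Split a connection string into a dict with lower-cased keys."""
    fields = {}
    for part in conn.split(";"):
        key, sep, value = part.partition("=")
        if sep:
            fields[key.strip().lower()] = value.strip()
    return fields

def find_stored_credentials(text):
    """Return one finding per connection string that carries a non-empty password."""
    findings = []
    for match in CONN_RE.finditer(text):
        fields = parse_conn(match.group(0))
        if any(fields.get(key) for key in SECRET_KEYS):
            findings.append({
                "line": text.count("\n", 0, match.start()) + 1,
                "server": fields.get("server", ""),
                "database": fields.get("database", ""),
                "user": fields.get("user") or fields.get("user id") or fields.get("uid") or "",
            })
    return findings

def blank_secrets(text):
    """Return the text with every stored password value emptied."""
    return SECRET_RE.sub(r"\1", text)

if __name__ == "__main__":
    # Pass the path of the file to audit; without one, the constructed sample is used.
    data = open(sys.argv[1], encoding="utf-8", errors="replace").read() if len(sys.argv) > 1 else SAMPLE
    for finding in find_stored_credentials(data):
        print(finding)
```

Any login the scan reports should be treated as exposed and its password changed in SQL Server, since blanking the file does not undo earlier reads of it.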