Can I Access SQL Login Users In ASP.Net Application
SQL Server 2005 introduces a new type of database user, one that is created using the €œWITHOUT LOGIN€? clause. This user is not mapped to a login, and is being touted as an alternate to Application Roles because no password is needed.. What I do not understand is how to use this type of user. I know how to use sp_setapprole with Application Roles, what are the equivalent steps needed to use login-less users?
Thank you in advance.
I am using a Access and Microsoft SQLServer as a client server application.
But one of my users is getting an error message when trying to open the access database called faculty
SQL Server Error: 18456
[Microsoft][ODBC SQL Server Driver][SQL Server]login failed for user ‘PTRICHARDS’.
But it works fine for me as i am an Administrator. Even my user
can open another database called student which asks for SQLSERVER authentication.
But only cannot open this database which does not ask for SQLServer
Both the databases reside in the same SQL Server.
IT worked fine till yesterday.
Any suggestions will help,
I am developing an distributed VB.NET 1.1 application with a TripleDES capable socket layer for communication with my server app.
I need to secure the distributed app from the users within the organization I am developing it for (a franchise).
I do not wish to store any encryption keys in the source code as these would be obvious to any seasoned hacker through decompilation of my binaries (even with obfuscation). I have decided to use the windows DPAPI (under machine storage mode) to secure manually entered (at installation) encryption layer keys in the registry. The salt values for this DPAPI mode also need to be secured, as a disgruntled franchise owner may be the hacker (and hence would have admin privilege on the machine the software is installed on). Not as far fetched as you think !
This is the beginning of a vicious cycle. How do I secure and where do I store this salt value safely ? With it a hacker with admin privilige can easily decrypt my keys if they know I am using machine mode DPAPI. Can I use ACLs to protect the keys with an account I set up manually on the machine ? If so then I would need to be able to switch account identities in my code (which I haven't researched as yet) and then would need to store the password to that somewhere.
If anyone could offer any insight or direction it would be much appreciated.
I have set up a link from ACCESS to a SQL 7.0 database using ODBC (File DSN saved on a shared DRIVE). The link works well only from the workstation where the link was created. But How can I create a link so a group of users can view the linked table in ACCESS without type a password? Any suggestion is appreciated.
autorized user: sa
any user : nuran
temporary table: birtablo
I need a stored procedure will execute by sa and it will create some required temporary tables for each users. For example table name is birtablo. I mean sa will create table for nuran, and when I checked the owner of the table (birtablo) I want to see nuran not dbo.
sa will execute following command:
create table nuran.birtablo (...........)
Is it possible to cerate a table by sa on behalf of any user? If it is, could you please explain?
Hello, i have a problem regarding stored procedures and view server state.
I have an application with a lot of stored procedures, one of them checks data of the connected users.
In SQL 2000 i had no problem getting this information, but in SQL server 2005 i do.
my stored procedure looks like this:
ALTER PROCEDURE [dba].[applsp_GetConnectionInfo]
WITH EXECUTE AS OWNER AS
SET NOCOUNT ON
DECLARE @sCollationMaster VARCHAR(128);
DECLARE @sSqlString VARCHAR(900);
-- Determine collation from master database because collation from master and ultimo database may differ
SELECT @sCollationMaster = CAST(databasepropertyex('master', 'Collation') AS VARCHAR);
SET @sSqlString =
'SELECT max(status) AS Status, max(isnull(SCISUSENAME, ''ULTIMOLOGIN'')) AS Login
, MAX(Rtrim(Rtrim(convert(varchar(255), nt_domain)) + nt_username)) AS NTUser
, max(Rtrim(hostname)) AS Host, MAX(Rtrim(program_name)) AS Program
FROM master.dbo.sysprocesses JOIN dba.SCONNECTIONINFO on SCISPID = CAST(spid AS VARCHAR)
AND ( SCISUSENAME = ISNULL(loginame, '''') COLLATE ' + @sCollationMaster + ' OR ISNULL(loginame, '''') = ''ULTIMOLOGIN'')
WHERE ...... AND DB_NAME(dbid) = ''' + @DBName + '''
GROUP BY hostprocess
ORDER BY Login
I've granted view server state permissions to my user 'dba' which is the db_owner.
When i execute the query in the stored procedure seperatly as dba i get all the info i need, but when i execute the stored procedure i don't see anything.
I seem to have the same problem with sp_who2
Executing it gives me information about everyone but when i put in a stored procedure like this:
alter procedure test
with execute as owner as
I just see information about myself
SQL Server 7 or 2000.
I restore a database on a different server from a device file. This database has a user defined for it. In this case, 'privuser' is the name. No login has been defined.
I can add the privuser login but cannot grant db access because privuser already exists in the db. I cannot drop 'privuser' because the user owns all the user objects in the db.
How can I make the privuser login I create access the db using the privuser username in the db? Would having the login created before restoring the db as a new db work?
can there be multiple users on one single sql login?
I keep getting errors from my users randomly about the server timing out and i am wondering if they are trying to submit append queries at the same time.
I am new to this, so, I will be greatful to anyone who can clarify the following:
In login properties under Logins of Security, what does creating mapping to the different databases mean ?
For a given login, I notice that I can login / execute DDL statements alike for the databases which are checked and also for the ones that are not checked.
Then, what does
Security -> Logins - > Login Properties -> User mapping -> Users mapped to this login -> checking the database - accomplish?
For a perticular login, say 'Bob' which has server admin rights, I wish to include two more databases. For this I 'checked' the databases, which I wish to include, in the
Security -> Logins - > Login Properties -> User mapping -> Users mapped to this login
When I clicked 'OK', I get the following error and the two databases are left unchecked.
User, group, or role 'SQL1AGENT' already exists in the current database. (.Net SqlClient Data Provider)
How can I include the databases ?
I am developing an application that uses Access database (mdb file) to store the user data. The user of this application is not interested in the database file (to view in MS Access Environment). Does the user machine requires MS Access installation to run my application or just some couple of dlls (OleDB driver, Access DB Engine,..) should be enough to run my application?
I made a backup of a production database and copied that backup over to a development server and restored the database. Now I have users saying that the application is failing on development. I have users that have NT authentication and some with SQL authentication.
What is the best way to get everything to sync up again?????
I have a few db's that I am backing up from an old sql2000 system and moving them to the new sql2005 server. The first db's restored without any problems but now I am getting some problems with users and logins.
I am restoring in the following order
1.) Creating empty db "123"
2.) Restoring database from file to database "123"
3.) Creating Login to this database (error happens when linking it to the database, "user exists")
When connecting thru QA I get "Cannot open user default database login failed"
I only have 1 login per database and I don't mind manually deleting and recreating them all but it doesnt seem to be working :S
Any suggestions much appreciated!! :)
I am in a situation where I would like to use a SQL login instead of adding individuals windows login to the server. Is there a way to force a login instead of having the report server not give rights at all??
I hope that makes sense...
I'm trying to set up my reports with parameters, to select the paramater by the users login. For example, if someone from the Northwest Region accesses Report mangers and then a report. Instead of them clicking the drop down, for the report parameter. The report automatically generates from the login that gave them access to report manager. So it diplays the information for the Northwest Region.
I know how to do this for Data Driven subscriptions.Such as creating a table , with Region, login, email, and all the information relevant. But how do i do this for users accessing the site theirselves? Is this possible?
Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection. Description: An
unhandled exception occurred during the execution of the current web
request. Please review the stack trace for more information about the
error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.
An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of
the exception can be identified using the exception stack trace below. I assume that this message appears because I am not retrieving setting the proper access rights from the DB but I don't know how to go about doing this. Could someone provide me with a link to a few examples to help resolve my issue?Thanks,Eric
I created a ASP.net 2.0 application using C# on VS2005 The application access several database on a remote SQL Server 2005I recently added Login functionalties to the application, this created a MDF in the app_data folder.Everything works fine on my local desk top... I can access my remote SQL Server 2005 and the local MDF file works fine, I can create account, login and all that fun stuffSo I Published the site to my target server:Which is the same server running the SQL Server 2005 The parts of the application that does not require login works fine, I can access the SQL server 2005 with ease..see data, update, everythingHowever when ever I try to login or create an account from the application(MDF file) I get this:An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)I can only assume that the problem is with the MDF file. Can anyone point me in the right direction?Thank you Andre
We have a backup/standby server which is restored every night from the daily dump on the main server. Everything seems to work fine, except that the logins/users become out of sync. The logins seem to be fine, but the user names which belong to the different logins do not restore properly which causes problems when using the backup server.
Does anyone know why this happens? Is there a workaround for this?
Over the weekend, I attempted to move six databases from an older server to a newer one. I have installed SQL 6.5 on both with identical configurations. After migrating the data, bringing down the old server, renaming the new server and configuring the ip address, I ran into a problem. Two applications that access databases on the server were unable to login using any id other than the system administrator id. Each of these applications have been tested on a test server with the same configuration as the new and old production servers. Each installation is on an NT server with SP6 and each SQL install is using SP4. One of the applications gives an OLE DB error. Any suggestions would be appreciated. Thanks in advance.
We're having a bit of a problem getting Integrated Security to work with a .Net 2.0 application and SQL 2005. While we're tweaking permissions on the SQL-side, we came across an account "Application Login" and wondered what its role is. First, our problem:
Currently, the users in the AD group get a connection error. This group is defined as follows at the instance level:
user mapping: to the database without any default schema
status: grant and enabled
At the database security level:
securables: execute on all (100+) stored procedures
And we gave them "Execute" on the database itself.
A little background: we had detached and copied this database from one server to another. So we suspect that the Application Login may have been modified/corrupted, even though it appears to be identical between the original and the copied databases. So we redefined it on the copied DB to match the original.
Another group, which is defined as dbo on the database, has no problem at all connecting and running the application.
The Application Login has Execute permissions on all stored procedures and Delete, Insert, Select, Update, and View Definition on the ChangeLog table. It also has db_DataReader, db_DataWriter, and db_ddlAdmin roles associated with it.
Is there another SQL login required for initial connection to the database even though Integrated Security=SSPI is used in the connection string?
Does anyone see where we may be missing a security setting for the non-dbo user group to connect to the database?
Thanks very much for any suggestions, ideas ....
Hi. I have a DetailsView with Bound Fields "Login" and "Password". This informations are stored in SQL database. How to solve such authorization? How to compare password stored in database against passowrd typed by user? Is this a good idea to use CustomValidator control to write some checking procedure?. Regards. Pawel.
How do you generate a script for all the current sql server logins and generate a script for database users for each database.? You can script operaoers, tables, databases, and a lot of other objects by using the “All Tasks” shortcut menu option, but I haven’t figured out to script logins and database users. Any help would be greatly appreciated.
I’m using sql server 2000 and Enterprise Manager.
I have jsut started using SQL server 7 and am having problems with accounts permissions, users,roles, groups, owners etc what are the differences?
I need to determine the following about the current authenticated Windows domain user who is trying to access a SQL Server via a trusted connection.
1 Has the current user been granted login access to the trusted SQL Server?
2 Has the current user been granted access to a specific database?
3 Is the current user a member of a specific database role such as (DB_ROLE_ADMINISTRATORS)?
I have an application that uses an MDF file as a database. Debug mode of application on developing machine works fine.
I synchronize my project to my home computer so that I can work home too. (I use AllwaySync for synchronisation, it copies newer file from the old location overwriting the old ones).
I also have a setup project in my solution for that app.
When I create and install the application on my local computer everything works fine. But when I install it one a different computer and then run it, it cannot connect to database. The error occures while conencting to database saying:
Unable to open the physical file "C:Program Files........VBDB.mdf". Operating system error 5: "5error not found)".
Unable to open the physical file "C:Program Files........VBDB_log.ldf". Operating system error 5: "5error not found)".
Cannot open user default database. Login failed.
Login failed for user 'EKAROMAEka''.
File activation failure. The physical file name "C:Program Files........VBDB_log.ldf" may be incorrect.
the second time I try run my application I get the following error (and all following tried where resulted in this error):
Cannot open user default database. Login failed.
Login failed for user 'EKAROMAEka'.
These exceptions are caught by "try catch" when feeding data into DataGridView om my main form.
I have the sam username and password on my Home and Work computers.
I'm not very good at MSSQL security. I don't know how to solve this problem. I can't even understand wheather this is a security that's built in an MDF file or some kind of a Database server issue.
the connection string that I use for connecting to SQL Server is this:
Data Source=.SQLEXPRESS;AttachDbFilename=|DataDirectory|VBDB.mdf;Integrated Security=True;Connect Timeout=30;User Instance=False
Thanks in advance.
I've created a database in SQL Express and I have a Windows form attempting to connect to it through SQL Authentication. Connection string:
private string connString = @"Data Source=.sqlexpress;Initial Catalog=SQLTestDatabase;User ID=SearchAppRole; Password=password;";
The role I have added to the database is an Application Role. It has been added to the Database permissions with Grant checked for "Select" and "Authenticate".
If I test this with query analyzer, it returns expected results (if I remove Grant from 'Select', it fails)
sp_setapprole 'SearchAppRole', 'password'
select * from recipe
If I edit my connection string (for testing purposes) to use the sa account, the application can connect and run the Select statement:
private string connString = @"Data Source=.sqlexpress;Initial Catalog=SQLTestDatabase;User ID=sa; Password=sa_password;";
However, I cannot get the application to successfully logon and run the select statement when using the user id and password of the Application Role. I get error:
System.Data.SqlClient.SqlException: Login failed for user 'SearchAppRole'. at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj
I can't find much information on Application Role...I just want one basic permission for the application as a whole. Any help is appreciated. Thanks.
Can anyone tell me how i can access an application or open tables in MS sql server that are in MS Access. Its urgent and any help will be appriaciated.
I'm writing a program to access a SQL server and my problem is that if I use a user that isn't an administrator the login is failed.
It specifies the " DomainUserName "
Maybe it wouldn't have bothered me so if I didn't see it working on the last server I had. Unfortunatly, that one was formatted and I wasn't the one installing the SQL server on it.
Does anybody know how to make the SQL server more tolrant to users?
I have a java program that accesses an ms access database throughodbc:jdbc.When deploying my program will the users need a full version ofmicrosoft access to be able to use it?If not, what do they need and where can i get it from.Thanks
EMERGENCY 911 HELP PLEASE
Ok I created a database SQL is the engine and Access XP is the gui. When the users try to access the databae they get error message, it opens up but they cant open the forms for some reason. I was wondering if this had to do with me have Access XP and them having Access 2000, but I highly doubt it because when I had a user log on to my machine (which has access xp) they still were not able to access the forms. Can someone help me out PLEASE PLEASE PLEASE... this is so frustrating :(
One thing I'm noticing is that the users connection keeps dropping???
I'm trying to set up SQL Server so that people with Enterprise Mgr can create a DB registration to their DB only (sql.yoursite.com). Are there any tutorials out there for doing this?
Thanks for the help!
Does anyone know is MS Access has any limited no of users, or how many concurrent users MS Access has?