I am in process of moving Website and its database on a new server under IIS. I moved and attached the database on the new server. Added web site under the IIS, created App pool and made all the changes to the config file to connect to new data source and updated the root folders path.
The index page loads up fine. When i click on another page link, that communicates with the database and I get an error message that reads "Cannot open database "Cdb_name" requested by the login. The login failed. Login failed for user 'db_user'.
I have tried several steps but none seems to work. I am not sure if this is a right place to post this question. Any suggestions/help will be greatly appreciated.
Can you login to sql server using same user name or password. The problem is most likely:
User name / password is wrong
User don't have rights to access to that database
When you move a login from one SQL Server to a different server, it will not work unless it is a domain account. Delete the user from the Database; Security section, then add it back via the Security section. Liek this:
Delete here:
And add the user and User Mapping to the database here:
Related
Windows server 2016.
Old users (those, having profiles/folders created at "C:\Users") are able to remote into our server via RDP, but new users are not. Initially the error was The User Profile Service service failed the sign-in. User profile cannot be laoded.
Checking server, it seems "C:\Users\Default" has the only folder/entry "AppData", nothing more. I copied the file "NTUSER.DAT" from similar server "Default" folder. Also, folder permissions are identical.
Now new users are able to login, but it goes to a temporary profile and of course, user's profile at "C:\Users" does not get created.
Event logs does not tell much, basically just confirms login errors/notes we get:
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.
How this can be solved?
Open the registry editor and go to HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList then find the key where the ProfileImagePath is the profile location of the user that's not being created. Export, then delete that registry key.
I have a live site (example.com). Instead of making changes and finding bugs when the public can view the site, I decided to setup a staging webiste. I followed the directions for setting it up here.
It appears to have worked, when I go to staging.example.com everything is there. But when I try to login staging.example.com/wp-admin.php it keeps giving
ERROR: Invalid username. Lost your password?
I tried my normal password and the password I used to create the new database.
What did I do wrong or what step did I miss? How can I add a new user to the staging account? I checked wp-config.php and believe I have the DB_NAME, DB_USER and DB_PASSWORD correct.
This is browser caching and cookies.
Try to open the page in anonymous window or another browser, or fully clear your cache and cookies
staging.example.com/wp-admin.php
This path does not exist, you need go to
staging.example.com/wp-admin/
When you need to create new user with database - you can open the database with phpMyadmin, and create user in the table wp_users. The password field must be left blank, and then go to the wp-login.php and recover the password to setup new one.
I've been fighting with this all day looking for solutions, and I've come to a dead end. As soon as I put my application on IIS, I've been getting login errors. One of the errors that I fixed was similar to this one which said " Cannot open database "ClientInfo" requested by the login.
Now I'm getting this error, which is the same, but I'm not sure how to modify the permissions of the NT AUTHORITY\NETWORK SERVICE user for this particular DB.
Cannot open database "aspnet-ClientInfo-20140609140222" requested by the login. The login failed.
Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.
The full error message is here: s11.postimg.org/3x1vj1ezl/Untitled.png
don't worry too much. This is always a headache when it doesn't work the way you expect. Before I get started, please note that Network Service is probably too high of privilege level for any web app. Check out this article to see how to add a corresponding app pool for a specific website to your SQL Server logins: Add IIS 7 AppPool Identities as SQL Server Logons
This is the way I've solved these types of problems:
1.) Make sure you have access to SQL Server Management Studio Express, and log into the database server. If you are running on SQLEXPRESS, set the server name as .\SQLEXPRESS, or whatever your instance name is.
2.) Go to the Security folder at the server level. Right click on "Logins" and select "New Login". To the right of the Login Name text box, select "Search", then "Advanced", then "Find Now" (without entering any search criteria). Scroll down and select "Network Service"
3.) Hit Ok. Then hit OK again. Your new login has been added for your network service.
4.) Go to the Security folder at the database level. Add a new user by right clicking the User folder under security at the database level. Click the 3 dots (ellipsis) next to the login name, and then click "Browse". Select the checkbox next to the login name you created in step 2. Hit ok. Then hit OK again.
5.) The last part is giving your new user a user name (first text box at the top) and then mapping that user to the right privileges. I'm sure some folks that know more than I do will shoot me, but I always select db_datareader and db_datawriter under "Database Role Membership". If you're using the ASP_NET membership schemas, you should select all the basic access roles as well.
6.) Hit Ok.
Depending on the version of SQL server you're using, you may need see a mild fluctuation between my steps above and what you actually need to do. This should get you close, though.
Scenario: I have the membership provider setup and its currently pointing to a SQL database on my machine. The role based access works and I have a menu that is security trimmed. The user can only get to pages that they have access to.
Problem: When an anonymous user tries to get to a page that they dont have access to it brings them to a login page so that they can login. That is fine. But when a logged in user tries to get to a page they dont have access to(Usually by typing in a URL) it brings them to the login page again asking them to login(except there already logged in. I'd like to either take them to a different page or somehow tell them they don't have access. Any ideas/suggestions?
Thanks in advance
This is what I use. They point out that using <customErrors> won't work because of the way the 401 status gets changed and provide a solution.
very simple question:
I have admin site in my web project. So, how can I make it safe?
What I have until now:
Database handled user with userID and userlevel
on the pageload of the admin master page (which includes all admin sites) there is a clause to check if userID is okay (get the user from database) and if userlevel is right
If Not, redirect to Default.aspx with normal master page
if yes, go trought
How safe is it really?
Edit:
The userID is saved in a session on the server.
There is no way to save the login (no cookies).
The user must login to get the userID in the session
The login is saved in a database table user_log with username, password, ip, loginsucceeded and userID
The basic idea looks ok. It all comes down to how you are getting that UserID to make the checks against. If the userID is being passed as a querystring, then that is very bad. If it is stored in a session via sometype of pre authorization then it is better. If you are using SSL, IP checking, etc it will improve your level of security.
The main thing is HOW you are getting the userID to verify against. That is where the exploit will occur. Secure that process and you should be ok with your setup.
Edit: Based on your update this looks ok but it also depends on how secure you really need this to be. How secure is your sign in page? Are you using SSL? Any worries about session highjacking? Why not store an IP with the userID and verify the request IP against the stored IP when doing the UserID fetch from the session?
There are so many security solutions out there. You need to decide how far you need to safely go to ensure the level of security that is necessary for your particular application.
We use integrated windows authentication.
In IIS manager, click the "Directory Security" tab
Uncheck "Anonymous Access"
Check "Integrated Windows Authentication"
This lets you administer who has rights to your admin site by modifying domain accounts instead of using a roll-your-own solution. You can still get the logged-in user's credentials via the Environment class, which can be used to associate any web-specific properties for each user that you want to store in your database. This also has the advantage of automatically handling timeouts, relogin requirement if browser was closed, etc.
Your solution looks almost fine, though it sounds as though you're adding individual user accounts to the SQL server instead of handling everything through the ASP.NET service account login. I'd avoid adding individual user accounts into your database. In ASP.NET, unless you're jumping through some useless hoops, the ASP.NET service account is what is authenticated for DB connectivity, not the user that's logged into the site.