I have the following code
SqlConnection conn = new SqlConnection("user id=clearpath\\user;" +
"password=Password1;server=sqldatamart;" +
"Trusted_Connection=yes;" +
"database=LENDER_LOAN_SERVICE;" +
"connection timeout=30");
SqlCommand cmd = new SqlCommand("INSERT INTO [LENDER_LOAN_SERVICE].[CMC].[Turn_Times] values('"+dateadded+"','"+username+"','"+prevtime+"','"+type+"','"+newturntime+"')",conn);
conn.Open();
which works fine when I am doing local development. However when I put the website on my IIS 6 on my computer I get the following error.
Login failed for user 'CLEARPATH\IT-CARLOSDELL$'.
Line 42: SqlCommand cmd = new SqlCommand("CMC.sp_NewDocMod", conn);
Line 43:
Line 44: conn.Open();
Line 45:
Line 46: SqlDataReader reader = cmd.ExecuteReader();
with an error on line 44.
It seems its changing the connection string from clearpath\cpereyra to clearpath\IT-CARLOSDELL$
My computer name is IT-CARLOSDELL
any ideas on how to fix this?
Thanks
Sounds like your application pool is using 'LocalSystem' as pool identity.
You need to do one of the following:
Give permissions in SQL for the CLEARPATH\IT-CARLOSDELL$ account
Change the identity on the application pool to one with permissions in the DB (Perhaps clearpath\cpereyra)
Set up authentication on your site to impersonate the user who connected to the site and has rights in the SQL DB.
Remove Trusted_Connection=yes from your connection string.
Which one you pick depends on the approach you use to secure your site.
BTW: It is not changing the connection string. It is using that account because you have Trusted_Connection=yes. It is using the account the ASP.NET worker process is running under to try to connect to the database.
Remove the Trusted_Connection=yes from your connection string. Right now, the string is giving a specific user name and password and also saying to use the pass-through Windows authentication. When running locally, your Windows account has rights to SQL (I assume), but in IIS, it is most likely logging on as anonymous.
Related
I am working on IIS 7, SQL Express 2008.
I'm trying to use the Web Site Administration Tool to set up some users in a membership db. I have the tables set up but when I click on the security tab in the web app I get an exception "There is a problem with your selected data store..." the error i get is
"The following message may help in diagnosing the problem: Cannot open database "ticketinventory" requested by the login. The login failed. Login failed for user 'sa'"
The connection string I am using is "data source=kyrian-pc\sqlexpress;Initial Catalog=ticketinventory;Persist Security Info=True;User ID=sa;Password=******;"
(I know to not use sa for a connection string, this is just to get it to work initially and I have removed the password with ** )
I can log into sql with the sa username and password and query the membership tables. If I change the querystring to a fake user name I see the error message in the web app reflect that username so I know it is using the right connection string.
As far as I can tell this should be working but I am obviously missing something. Any ideas?
EDIT
It turns out the issue has something to do with my connection string itself. I created a test page with this code
using (System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection(ConfigurationManager.ConnectionStrings["ApplicationServices"].ConnectionString))
{
conn.Open();
conn.Close();
}
and this throws a login exception. For whatever reason my other connection string are being stored in the appSettings so there is some difference that I am now trying to work out.
Despite checking it 5 or 6 times I had the db name wrong in the connection string. Problem solved.
"The only infinite things are is the universe itself and the stupidity of man, and I'm not sure about the 1st one" - einstein
I have hosted a new website from www.hostingfarms.com. They have a file manager for uploading the website content and backup / restore DB (.bak) of MS SQL. I uploaded it. But when I log in into my website (www.theyuvaworld.com), database not gets connected. I have used this connection string in my local PC
SqlConnection con = new SqlConnection("server=.;database=test;integrated security=true");
SqlCommand cmd = new SqlCommand();
Should I make any changes here.
Note : I have created a user in file manager's database i.e Username = Nikhil and Password = **.
I will give any other details if wanted.
Regards,
Nikhil
I figured out this,
Connection string syntax is
data source=.\\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true
My app fails at this line of code:
Dim objConnection As New SqlConnection(Application("ConnString"))
My connection string is:
"Server=testAITSQL;Database=SSCommerce;UID=PlanoWebApp;PWD=XXXXXXXX;"
I googled this problem and the solution for it was having a malformed connection string where the "provider" was being specified when it shouldn't have. Example conn string:
Provider=SQLOLEDB.1;Integrated Security=SSPI;DATABASE=APInquiry;SERVER=SqlServer
I'm not specifying the Provider so I think I have a different problem...???
Does your test server have the exact same configuration file as your development machine? I suspect the configuration file on your test machine may have a different set of values for ConnString than you are expecting.
Provider=xxxx is not a valid .net connection string token.
You are already implicitly specifying the provider by instantiating a SqlConnection.
Drop the provider pair and you will be golden.
maybe, for sh!7s and giggles, try Application("ConnString").tostring
You are connecting to a SQL Server, right?
My ConnString has the following options:
Server
Database
User ID
Password
I'm trying to write a simple website (ASP.NET v4), which will call Windows Search, find a specific file and return it to the user. I've put together the following as an example: it calls the Windows Search service on "remoteserver", and returns the path of "somefile.txt":
OleDbConnection conn = new OleDbConnection();
conn.ConnectionString = "Provider=Search.CollatorDSO;Extended Properties='Application=Windows';";
OleDbCommand cmd = conn.CreateCommand();
cmd.CommandText = string.Format(
"SELECT System.ItemPathDisplay, System.ItemType FROM " +
" sytelhp.systemindex WHERE SCOPE='file://remoteserver/archive' AND CONTAINS(\"System.FileName\", " +
" '\"*{0}*\"')", "somefile.txt");
conn.Open();
OleDbDataReader rdr = cmd.ExecuteReader();
string result=rdr[0].ToString();
.. and this works great on Visual Studio 2010 development environment, "result" contains the path to the file. However, if I deploy it to the local IIS7 server (running on Server 2008), I get this error:
The parameter is incorrect.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.OleDb.OleDbException: The parameter is incorrect.
I'm at a loss where to go next. What do I need to do to IIS7, or the code, or both to get it working? Again, this works fine within VS2010 (tested on both Windows 7 and Windows 2008 Server).
I guess you are running on Vista or older OS and the IIS runs on 2008 Server or newer?
Try Provider=Search.CollatorDSO.1 (note the .1).
Edit: You should use a different user account for the search to work (not the default "network service" one the asp.net app runs under). See the comments for more info.
Don't shoot me for this, but I've posted this on experts-exchange as well. I just need an answer. Here's the question (and yes, i've searched, googled, and searched again):
I'm getting some very strange errors on boiler plate odbc connection code. The code connects to DB2 (which is always a joy to work with) and has never given me issues in the past. This is your typical work ghost....one day it just stopped working. This is happening on 2 separate instances of Windows 2003 servers. On my local machine the code works fine. The code is connecting via a system dsn setup via the IBM DB2 CONNECT components.
One error I get reads:
ERROR [08004] [IBM][CLI Driver] SQL1092N "ASPNET" does not have the authority to perform the requested command.
This happens even after I place the ASPNET account in both the DB2ADMINS and DB2USERS groups. I know the DB2USERS group should have permissions enough, but I tried DB2ADMINS just for kicks, yet neither of them work.
In my other applcation, which is using the exact same system dsn (well, it's trying to anyhow), The error message is simply blank....there isn't one. The stack trace reads:
at System.Data.Odbc.OdbcConnection.HandleError(OdbcHandle hrHandle, RetCode retcode)
at System.Data.Odbc.OdbcConnectionHandle..ctor(OdbcConnection connection, OdbcConnectionString constr, OdbcEnvironmentHandle environmentHandle)
at System.Data.Odbc.OdbcConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup)
at System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory)
at System.Data.Odbc.OdbcConnection.Open()
at code class ... line xxx //abridged
at form class ... line xxx //abridged
I'm at an utter loss here...it worked....and now it doesn't...
Here is the odbc code:
String dsn = ConfigurationManager.AppSettings.Get("DSN");
String con = ConfigurationManager.ConnectionStrings[dsn].ToString();
// con evaluates to "DSN=MYSYSDSN"
OdbcConnection conn = new OdbcConnection(con);
OdbcCommand command = new OdbcCommand(Constants.SQL_GET_DATA, conn);
command.CommandType = CommandType.Text;
OdbcParameter param1 = new OdbcParameter("#param1", param1value);
OdbcParameter param2 = new OdbcParameter("#param2", param2value);
command.Parameters.Add( param1 );
command.Parameters.Add( param2 );
OdbcDataReader rdr = null;
try
{
conn.Open(); //errors here w/ above stack trace and an empty message string
.....
The connection string/data source you're pulling in is using what in the Sql Server world we call a trusted connection or integrated authentication. This works just fine in testing, as the app will run with your credentials, and you have permissions to access the database.
However, when deployed to a server, the app runs using a special user account named "ASPNET". This account does not have permission to access your database. So there are two ways to fix it:
Give the ASPNET account rights to the database.
Use impersonation to make your app run with a different account.
You should really choose the 2nd option, as the ASPNET account is a local machine account rather than a domain account, and you don't want to be throwing permissions around like that. It also explains why adding the ASPNET account to your group doesn't work - it's a local account rather than a domain account (you're probably adding the wrong ASPNET).
Unfortunately, I can't help you set up impersonation as we use sql authentication where I'm at. But I can give some pointers on improving the code you posted:
String dsn = ConfigurationManager.AppSettings.Get("DSN");
String con = ConfigurationManager.ConnectionStrings[dsn].ToString();
// con evaluates to "DSN=MYSYSDSN"
using (OdbcConnection conn = new OdbcConnection(con))
using (OdbcCommand command = new OdbcCommand(Constants.SQL_GET_DATA, conn))
{
command.Parameters.AddWithValue("#param1", param1value);
command.Parameters.AddWithValue("#param2", param2value);
//no need for try/catch here unless you do logging at this level
// instead, let it bubble up for the next level to decide how to handle
conn.Open();
using (OdbcDataReader rdr = command.ExecuteReader())
{
while (rdr.Read())
{
// do something
}
}
} // no need to call conn.Close() here - 'using' block takes care of it