Develop Reference

ASP.Net Membership Error CREATE DATABASE failed. Some file names listed could not be created. Check related errors

I am trying to add AP.Net membership to my database. I have had success with this in the past so I have some idea of what I am doing. My project is a VB.Net website with Framework 4.5.2. I used asp_regsql.exe in framework 4 to add the schema to my db. I created the following web.config entries (per MSDN articles):
<connectionStrings>
<add name="AFKMSConnectionString" providerName="System.Data.SqlClient" connectionString="working as intended" />
<system.web>
<authentication mode="Forms" >
<forms loginUrl="Account/Login.aspx"
name=".ASPXFORMSAUTH" />
</authentication>
<!--<authorization>
<deny users="?" />
</authorization>-->
<compilation debug="true" targetFramework="4.5.2"/>
<httpRuntime targetFramework="4.5.2"/>
<pages>
<namespaces>
<add namespace="System.Web.Optimization"/>
<add namespace="Microsoft.AspNet.Identity"/>
</namespaces>
<controls>
<add assembly="Microsoft.AspNet.Web.Optimization.WebForms" namespace="Microsoft.AspNet.Web.Optimization.WebForms" tagPrefix="webopt"/>
</controls>
</pages>
<membership defaultProvider="SqlMembershipProvider" userIsOnlineTimeWindow="15">
<providers>
<clear/>
<add
name="SqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="AFKMSConnectionString"
applicationName="AFKMS"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="true"
passwordFormat="Hashed" />
</providers>
</membership>
<profile enabled ="true" defaultProvider="SqlProvider">
<providers>
<clear />
<add name="SqlProvider"
type="System.Web.Profile.SqlProfileProvider"
connectionStringName="AFKMSConnectionString"
applicationName="AFKMS"
description="SqlProfileProvider for SampleApplication" />
</providers>
</profile>
<roleManager enabled ="true"
defaultProvider ="SqlRoleProvider" >
<providers>
<clear/>
<add name ="SqlRoleProvider"
type="System.Web.Security.SqlRoleProvider"
connectionStringName="AFKMSConnectionString"
applicationName="AFKMS"/>
</providers>
</roleManager>
My connection string works for my current functions but when I try to register a user I get the following error:
Directory lookup for the file "C:\Users\Dan\Source\Repos\AFKMS\AFKMS\App_Data\aspnet-AFKMS-140073d4-6858-4f19-9555-0edfbaadd43a.mdf" failed with the operating system error 2(The system cannot find the file specified.).
CREATE DATABASE failed. Some file names listed could not be created. Check related errors.
This comes from Accounts/Register,
Dim result = manager.Create(user, Password.Text)
Why is it trying to create a database? What does it look like I am missing?

<connectionStrings>
<add name="AFKMSConnectionString" connectionString="data source=.;Initial Catalog=your_db_name;integrated security=True" providerName="System.Data.SqlClient" />
</connectionStrings>
can you provide us with code of how you create users?
you mentioned: Dim result = manager.Create(user, Password.Text)
i think you need to use:
Membership.CreateUser(UserName, Password, Email)

I'm assuming you've created a new ASP.NET Web Application, using the Web Forms templates?
In which case you appear to be attempting to configure the newer ASP.NET Identity system with the original Membership Provider configuration settings.
As Ahmed noted, you mention the call in the register page to manager.Create(user, Password.Text) - this is using the ApplicationUserManager from ASP.NET Identity.
If you look in the App_Start folder of your project, you should find a file named IdentityConfig.vb (assuming you're using VB.NET), which has a method Create that returns the ApplicationUserManager - this in turn calls the ApplicationDbContext class that is created in the Models folder, that will be defined to use a connection called "DefaultConnection" - by default this is set to be a standalone .mdf file in the App_Data folder named after the project.
You should change this to point at your connection string, but be aware that this uses Entity Framework to create the database schema for you - it should just add it to the existing database, but you should ensure you've backed it up before you start in case it drops everything first.

System.Data.SqlClient.SqlException: Login failed for user 'ASPHOST166\IWAM_plesk(default)'

could anyone help me with this ? Everything works fine in Visual Studio, but does not on a remote server. I have tried to access the page while logged in and logged out, but has got the same error.
Error : "System.Data.SqlClient.SqlException: Login failed for user 'ASPHOST166\IWAM_plesk(default)'."
Web.confing:
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<connectionStrings>
<add name="ConnectionString" connectionString="Data Source=ASPHOST166\SQL2008R2,778; Initial Catalog=Rennoz_DATABASEMDF; User ID=Rennoz_Admin; Password=*****" providerName="System.Data.SqlClient"/>
<add name="ApplicationServices" connectionString="Data Source=ASPHOST166\SQL2008R2,778; Initial Catalog=Rennoz_DATABASEMDF; User ID=Rennoz_Admin; Password=*****" providerName="System.Data.SqlClient" />
<add name="DatabaseEntities" connectionString="metadata=res://*/App_Code.Model.csdl|res://*/App_Code.Model.ssdl|res://*/App_Code.Model.msl;provider=System.Data.SqlClient;provider connection string="Data Source=ASPHOST166\SQL2008R2,778; Initial Catalog=Rennoz_DATABASEMDF; User ID=Rennoz_Admin; Password=*****;Integrated Security=True;User Instance=True;MultipleActiveResultSets=True"" providerName="System.Data.EntityClient" />
</connectionStrings>
<system.web>
<compilation debug="false" targetFramework="4.0">
<assemblies>
<add assembly="System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
<add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<add assembly="System.Data.Entity.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</assemblies>
<buildProviders>
<add extension=".edmx" type="System.Data.Entity.Design.AspNet.EntityDesignerBuildProvider" />
</buildProviders>
</compilation>
<customErrors mode="Off"></customErrors>
<trace mostRecent="true" enabled="true" requestLimit="1000" pageOutput="false" localOnly="true"/>
<authentication mode="Forms" />
<membership>
<providers>
<clear />
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" />
</providers>
</membership>
<profile>
<providers>
<clear />
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/" />
</providers>
</profile>
<roleManager enabled="true">
<providers>
<clear />
<add connectionStringName="ApplicationServices" applicationName="/"
name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" />
<add applicationName="/" name="AspNetWindowsTokenRoleProvider"
type="System.Web.Security.WindowsTokenRoleProvider" />
</providers>
</roleManager>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
</system.webServer>
<location path="Moderation">
<system.web>
<authorization>
<allow roles="Admin" />
<deny users="*" />
</authorization>
</system.web>
</location>
</configuration>
Code behind the page (inserting) :
protected void EntityDataSource1_Inserting1(object sender, EntityDataSourceChangingEventArgs e)
{
Good pic = (Good)e.Entity;
//pic.PhotoAlbumId = photoalbumid;
FileUpload fileupload1 = (FileUpload)ListView1.InsertItem.FindControl("FileUpload1");
string virtualFolder = "~/pics/";
string fizfolder = Server.MapPath(virtualFolder);
string filename = Guid.NewGuid().ToString();
string extension = System.IO.Path.GetExtension(fileupload1.FileName);
fileupload1.SaveAs(System.IO.Path.Combine(fizfolder, filename + extension));
pic.ImageURL = virtualFolder + filename + extension;
pic.Date = System.DateTime.Today;
}

Looks like your application runs under account which is not exist in SQL server. Thus you have login and password specified in connection string for Entity Framework, I think you need remove Integrated Security=True; from this Entity Framework connections string:
<add name="DatabaseEntities"
connectionString="metadata=res://*/App_Code.Model.csdl|res://*/App_Code.Model.ssdl|res://*/App_Code.Model.msl;provider=System.Data.SqlClient;provider connection string="Data Source=ASPHOST166\SQL2008R2,778; Initial Catalog=Rennoz_DATABASEMDF; User ID=Rennoz_Admin; Password=*****;Integrated Security=True;User Instance=True;MultipleActiveResultSets=True""
providerName="System.Data.EntityClient" />
UPDATE: According to your error message, user instance login flag is not supported on your version of SQL server. So remove also User Instance=True; parameter.

Your DatabaseEntities connection string specifies User ID and Password but also Integrated Security=true (which takes precedence). Remove the latter to use the specified SQL account.
Also remove User Instance=true - it is only used when attaching MDF files dynamically.

I had a similar issue.
I let Plesk handle my connection string and then removed it from my web.config file but that's up to you.
1) I created the user "CT11881\IWAM_plesk(default)" under logins, using Windows Authentication.
2) Granted the user full access in "Server Rolls" and "Securables"
http://forums.asp.net/t/1954164.aspx?Windows+2008+VPS+w+Plesk+11+x+SQL+connection+issues

To have to use IntegratedSecurity if your SQL server is located on different machine, you should run your site under the same credential which are allowed in SQL server.
If your Web machine not in domain, you should create the same user with the same credential on both machines (Web and SQL). In the "SQL Server Management Studio", add this user and set needed priviledges.
In the IIS, go to your application pool, click "Advanced settings" and set credentials (for user which you created or for domain user) in the property "Identity".
In the IIS, in your site, go to "Advanced settings" and set credentials (for user which you created or for domain user) in the property "Physical Path Credentials".
In the "ConnectionString", if you are used "localhost" in the property "source", change it on UNC address, where is located your SQL server.
If connection can't be established, make sure that the TCP/IP protocol is enabled in the "SQL Server Configuration Manager" for used SQL instance (after change, need to restart an instance) and that is TCP port 1443 is alowed in firewall on your SQL machine. You can ping this port from the Web machine with help "Paping" utility - "paping YourSqlMachine -p 1433 -c 4".

LoginView works in Account folder, not in root folder of website

I have been searching the internet for an answer to my problem and have read through the msdn site on ASP.Net controls, security and authentication but either cannot find the answer or missed it with all the information I have read.
I am building a website in ASP.Net v2.0 to be hosted on a remote server. I am using MySQL as the back end which also contains the user tables. I have used the same user table structure as that used in the default membership table. The folders in the application all have the default role privileges assigned to them.
The following problem is occurring in my testing on my local computer.
When I login a user using the ~/Account/Login.aspx page I redirect the user to ~/Account/AccountDetails.aspx, which contains a LoginView. After logging in, the user name is visible on this page inside the LoginView and they are Authenticated.
When I then go to ~/Default.aspx, and using the same code for the LoginView, the username is not displaying and they are no longer Authenticated.
I do not want to create multiple pages to show the same data, as both logged in and anonymous users need to see the same information in the ~/Default.aspx page. I was just hoping to show that the user is logged in on the Default.aspx page or any page in the ~/ folder.
I know it is going to be a simple setting or change that is required, like a role or membership or something, but I cannot figure it out.
I have looked through stackoverflow and found a lot of LoginView questions, but cannot seem to find one that answers my question.
I was hoping someone might be able to point me in the right direction.
Here is the code used on both the Default.aspx and AccountDetails.aspx pages. It is the default LoginView code from the template ASP.Net website application.
<div class="loginDisplay">
User Authenticated? <%= Page.User.Identity.IsAuthenticated %>
<asp:LoginView ID="HeadLoginView" runat="server">
<AnonymousTemplate>
[ Log In ]
</AnonymousTemplate>
<LoggedInTemplate>
Welcome <span class="bold"><asp:LoginName ID="HeadLoginName" runat="server" /></span>!
[ <asp:LoginStatus ID="HeadLoginStatus" runat="server" LogoutAction="Redirect" LogoutText="Log Out" LogoutPageUrl="~/"/> ]
</LoggedInTemplate>
</asp:LoginView>
</div>
The ~/Account/web.config file contains the following:
<?xml version="1.0"?>
<configuration>
<location path="Register.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
The ~/web.config file contains the following information. I have edited some of the values for username and passwords. I have also removed the commented lines.
<?xml version="1.0"?>
<configuration>
<connectionStrings>
<add name="MySqlMembershipConnection" connectionString="Data Source=mydatasource;user id=dotnet;password=dotnet;" providerName="MySql.Data.MySqlClient" />
<add name="mycs" connectionString="Dsn=mydsn" providerName="System.Data.Odbc" />
<remove name="LocalMySqlServer" />
<add name="LocalMySqlServer" connectionString="database=mydsn;server=localhost;User Id=dotnet;password=dotnet" providerName="MySql.Data.MySqlClient" />
</connectionStrings>
<system.web>
<sessionState mode="Custom" cookieless="false" regenerateExpiredSessionId="true" customProvider="MySqlSessionStateProvider">
<providers>
<add name="MySqlSessionStateProvider" type="MySql.Web.SessionState.MySqlSessionStateStore, MySql.Web, Version=6.4.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" applicationName="/" description="" connectionStringName="LocalMySqlServer" writeExceptionsToEventLog="False" autogenerateschema="True" />
</providers>
</sessionState>
<authentication mode="Forms">
<forms loginUrl="~/Account/Login.aspx" timeout="30" name=".ASPXFORM$" path="~/" requireSSL="false" slidingExpiration="true" defaultUrl="~/Default.aspx" enableCrossAppRedirects="false" />
</authentication>
<membership defaultProvider="MySQLMembershipProvider">
<providers>
<clear />
<remove name="MySQLMembershipProvider" />
<add name="MySQLMembershipProvider" type="MySql.Web.Security.MySQLMembershipProvider, MySql.Web, Version=6.4.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" applicationName="/" description="mydescription" connectionStringName="LocalMySqlServer" writeExceptionsToEventLog="False" autogenerateschema="True" enablePasswordRetrieval="False" enablePasswordReset="True" requiresQuestionAndAnswer="True" requiresUniqueEmail="False" passwordFormat="Clear" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10" passwordStrengthRegularExpression="" />
</providers>
</membership>
<profile defaultProvider="MySQLProfileProvider">
<providers>
<clear />
<remove name="MySQLProfileProvider" />
<add name="MySQLProfileProvider" type="MySql.Web.Profile.MySQLProfileProvider, MySql.Web, Version=6.4.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" applicationName="/" description="" connectionStringName="LocalMySqlServer" writeExceptionsToEventLog="False" autogenerateschema="True" />
</providers>
</profile>
<roleManager enabled="true" defaultProvider="MySQLRoleProvider">
<providers>
<clear />
<add applicationName="/" name="AspNetWindowsTokenRoleProvider"
type="System.Web.Security.WindowsTokenRoleProvider" />
<add applicationName="/" description="" connectionStringName="LocalMySqlServer"
writeExceptionsToEventLog="False" autogenerateschema="True"
name="MySQLRoleProvider" type="MySql.Web.Security.MySQLRoleProvider, MySql.Web, Version=6.4.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" />
</providers>
</roleManager>
<customErrors mode="Off" />
<compilation debug="true" />
</system.web>
<system.net>
<mailSettings>
<smtp from="user#domain.com">
<network host="mail.domain.com" password="mypassword" userName="myusername" />
</smtp>
</mailSettings>
</system.net>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
</system.webServer>
</configuration>

So after much testing I figured out where the problem was. Firstly, I had three connection strings, one for the data and two for the forms authentication. I combined the two forms authentication connection strings into a single connection string. This allows me to have one connection string for data and one for authentication.
Next, I wanted to find out where my problem was occurring, so I created a new blank ASP.NET website in VS 2010 and then step by step, added in support for MySQL. This was done by adding in the MySQL Data and Web references first, then the connection strings and then finally the forms authentication.
I noticed in the forms element in the system.web authentication element, that it only included the loginURL and timeout attributes, so I tested the application by adding in additional attributes for the forms element until I found the attribute causing the problem.
In my forms element the path attribute was set to '~/'. When I changed this to '/' the application started to work correctly.

How to use ASP.NET authentication with active directory?

I have my config setup like below:
<configuration>
<connectionStrings>
<add name="ADConnectionString" connectionString="LDAP://myldap/CN=Users,DC=nevco,DC=local"/>
</connectionStrings>
<system.web>
<authentication mode="Forms">
<forms name=".ADAuthCookie" timeout="10" loginUrl="Login.aspx" defaultUrl="Default.aspx" />
</authentication>
<membership defaultProvider="DomainLoginMembershipProvider">
<providers>
<clear/>
<add name="DomainLoginMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString" attributeMapUsername="sAMAccountName" />
</providers>
</membership>
</system.web>
</configuration>
I can attempt to log on but every time it says I am using the incorrect username/password. Does it look like I am doing anything wrong above? Is there any way for me to find more information on why it's not finding my username/pass?
UPDATE:
Do I need to provide a Username and Password in my membership/providers section?

Ok, I ended up using an LDAP browser to examine the structure. After a little fudging around I changed my LDAP url to this:
LDAP://myldap/DC=nevco,DC=local
And it started working. Hope this helps someone!

Why make the user login in at all?
Try this provider
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider" />
you can then do something to see if they are authorized Roles.
Roles.IsUserInRole("someGroupInAd")
Your web site would have to be setup with Integrated Windows Authentication in IIS

How to create default users in Web.config for Membership

how can I add default users in my web.config to test my asp: login control
Thanx

I was wrong wrong wrong in my initial answer. You can set default users in Web.config if you do some simple authentication by yourself, but it doesn't seem to work when you are using the Login control.
I did some research, and it seems that, if you use the Login control, you can't set default users in Web.config and you have no way but setting a provider (as in a database) to store users credentials.
You can follow this tutorial from MSDN to configure what database to use:
Configuring an ASP.NET Application to Use Membership
The Web.config stuff:
<configuration>
<connectionStrings>
<add name="MySqlConnection" connectionString="Data
Source=MySqlServer;Initial Catalog=aspnetdb;Integrated
Security=SSPI;" />
</connectionStrings>
<system.web>
<authentication mode="Forms" >
<forms loginUrl="login.aspx"
name=".ASPXFORMSAUTH" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
<membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
<providers>
<clear />
<add
name="SqlProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="MySqlConnection"
applicationName="MyApplication"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
requiresUniqueEmail="true"
passwordFormat="Hashed" />
</providers>
</membership>
</system.web>
</configuration>