I have an asp.net application and i use the login control. It uses the default aspnetdb.mdf. Everything worked fine on the local network but when i hosted the website on the internet, the login doesnt work. It gave me the error:
"Failed to generate a user instance of SQL Server due to failure in retrieving the user's local application data path. Please make sure the user has a local user profile on the computer. The connection will be closed. "
my connection string for the database is:
<remove name="LocalSqlServer" />
<add name="LocalSqlServer" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true" providerName="System.Data.SqlClient" />
User Instances (the AttachDBFilename part of your connection string) is a feature of SQL Server Express, and I am guessing your host services use the full version of SQL Server (that does not support that feature).
You will probably need to connect to your hosted SQL Server using SQL Server Management Studio and upload your database there. Then you will need to update your connection string to point to that server/database.
Related
I have created a database in Azure SQL. I have updated firewall so that my local machine and dev server can hit the database. I have tested on both machines using the credentials using SQL Server Enterprise Manager all connects fine.
When I use the same server details and credentials in my web.config, it cannot connect - I get this error:
A connection string is configured but Umbraco cannot connect to the database
The website is an umbraco cms website.
I have tried recreating the database, and also deleting reading the login and user still no joy.
<add name="umbracoDbDSN" providerName="System.Data.SqlClient" connectionString="data source={dbServer};initial catalog={databaseName};persist security info=True;user id={userID};password={userPassword};MultipleActiveResultSets=True;" />
please try this just change {} to your configuration
I'm creating something like an Intranet. Users today already access directly SQL Server using Windows Authentication, where security grants are set for each user, but I want to put the ASP.NET Web Server between these users and the database. I want the IIS to pass user's windows authentication credentials (from users accessing the website) to the SQL Sever.
Conditions:
Both the Sql Server and the IIS are in the same domain.
They are in different machines.
I've found this acticle which explains how to do that, but there is a disclaimer saying that SQL and IIS must be in the same machine.
Is there some way to do that given my conditions?
The don't have to be the same machine, just make sure you have set up IIS to use Windows Authentication and also in your connection string connect as the windows user e.g.
<connectionStrings>
<add name="DatabaseConnectionName" connectionString="Data Source=localhost;Initial Catalog=YourDataBaseName;Integrated Security=True;" providerName="System.Data.SqlClient" />
</connectionStrings>
I have inherited an asp.net 2.0 application that uses a SQL Server 2005 Express database and I am grappling with the authentication mode.
I have read that windows authentication is more secure and locally that works just fine. I use the default machine account and a trusted connection in the connection string similar to :
value="trusted_connection=True;server=MYMachineName\SQLExpress;Database=DatabaseName;Pooling=false"
On the server though, I find myself having to grant more privileges to the aspnet user (execute, update) in the database and am wondering if this makes sense after all. The login verification is actually handled by the application.
Does it make more sense to set up a database user and use those credentials in the connection string? Would this be an acceptable connection string?
value="Server=myServerName\SQLExpress; Database=myDataBase; User Id=myUsername; Password=myPassword;"
If you’re not in a need for a very high security you’ll be doing just fine with sql authentication.
Try this connection string instead
<add name="connstring" connectionString="Data
Source=myServerName\SQLExpress; Initial Catalog=myDataBase;
Persist SecurityInfo=True;User ID=myUsername; Password=myPassword"
providerName="System.Data.SqlClient"/>
I am using integrated security in an ASP.net application, the IIS and SQL Server are both hosted on the same server machine running Windows Server 2008 R2.
Is it possible to allow users to access the application from across the network AND logged in users but not let them access the database directly or via SQL Server Management Studio?
I am trying to safeguard the database access because my application is going to be deployed on the client's server at client's premises.
Here is my connection string that i am currently using
<add connectionString="Server=.\sqlexpress;Database=DB89akwA;Integrated Security=true" name="LocalSqlServer" providerName="System.Data.SqlClient" />
<add connectionString="Server=.\sqlexpress;Database=DB89akwA;Integrated Security=true" name="MainAppConnectionString" providerName="System.Data.SqlClient" />
These are the two connection strings i am currently using, one is for ASP.net Authentication and second is used by my application. These both strings are the same and of the same database.
Any suggestions?
It is not possible to 'secure' a database running on client's premises. The client's staff can get the password from the ASP.Net connection string. A domain administrator can always gain access to the database (there is an actual MSDN article describing the process: Connect to SQL Server When System Administrators Are Locked Out).
If you want to hide the Intelectual Property you feel your database has, then your only solution is to not deploy the database on the client premise (use a hosted database like SQL Azure for instance).
If you simply want to prevent the client from interfering with the database you can stipulate so in the contract. Auditing and detecting interference is possible.
Yes, that is completely possible. A Person logged in to ASP.NET using integrated security can not log in to SQL Server with the same credentials. Both are completely disconnected. It is only possible if the SQL Server has been set to allow them access.
My Piece of advice would be to create SQL Login and users, and only give them access to SQL Server. In your application, when you create the Connection String, do not set integrated security to true, and just let the user enter his Sql username and password to access the database.
Previously for all our asp.net applications we have been using a sysadmin user within SQL Server to connect and add/update/delete/get data. Our SQL Admin wants to delete that account and create a Domain Account so we can use that account within our .net applications.
My current connection string is:
name="name" connectionString="Data Source=server;Initial Catalog=database;Persist Security Info=True;User ID=user;Password=password" providerName="System.Data.SqlClient"
What would the connection string be for using a domain account?
I tried:
name="name" connectionString="Data Source=server;Initial Catalog=database;Persist Security Info=True;User ID=domain\user;Password=password" providerName="System.Data.SqlClient"
and it does not work.
Is there a different way to connect to SQL Server using a domain account?
Have a look at connectionstrings.com for every possible variation - a very handy resource I use all the time
Specifically, you want this format:
Data Source=myServerAddress;Initial Catalog=myDataBase;Integrated Security=SSPI;
This, of course, only works if the domain account in question is the one opening the connection.
There's no easy way to connect with arbitrary credentials - but you can impersonate the user in question and then connect.
This can be a bit of a pain. An alternative if the users are on the local network (or you control their browser config) is to use Kerberos authentication on your site. The pages will be served with the relevant user's permissions - then you can use the connection string above and IIS will connect to the Db with the appropriate credentials for each user. This is particularly useful from a security perspective as the Db is able to audit on a per-user basis, and permissions can be per-user/row/column instead of only per-app.
If you want to use different user account then the logged in user you have two options.
Option 1
You can add the user to Application pool Identity.
For this go to advance setting of application pool and edit the identity to use the user you want.
Option 2
Add this in Web config:
<identity impersonate="true" userName="Domain\User" password="Password" />
And use this connection stirng:
<add name="Name" connectionString="Data source=SqlServer;Initial Catalog=DbName;Integrated security=True" providerName="System.Data.SqlClient"/>
For More Details See:
https://msdn.microsoft.com/en-us/library/134ec8tc.aspx
Also found another good article here
https://www.codeproject.com/tips/520341/implement-impersonation-in-asp-net
Use integrated security:
Integrated Security=SSPI
Which has a variant:
Trusted_Connection=True
The different connection strings (for a variety of databases) can be found on connectionstrings.com.
With both of these you need to ensure that the application is running under the account you need to login with.
Yes, try this:
Data Source=server;Initial Catalog=database;Integrated Security=SSPI;
This specifies that you wish to use integrated Windows authentication where you were still trying to use SQL Server authentication (even though the username you entered looked like a Windows domain / user account SQL server still treats it as standard SQL Server authentication)
Also take a look at connectionstrings.com
Data Source=myServerAddress;Initial Catalog=myDataBase;Integrated Security=SSPI;
The above is a connection string for Windows Authentication against your SQL Server instance.