I am using membership class for my user management, and it created a database called ASPNETDB.MDF.. I decided to use the same database to handle my other data, and so I added some of my own tables in there...
When I try to access it:
<connectionStrings>
<add name="connString" connectionString="Initial Catalog=MyProject;Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\MyName\Documents\Visual Studio 2008\Projects\Project\MyProject\App_Data\ASPNETDB.MDF;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient" />
</connectionStrings>
Using this:
Dim conn As SqlConnection = New SqlConnection(ConfigurationManager.ConnectionStrings("connString").ToString)
It gives me this error after I log in through Membership class:
Cannot open database "MyProject" requested by the login. The login failed.
Login failed for user 'My-PC\Myuser'.
I am not sure what's going on?
Edit: If i don't use Membership class, I can use the database fine.. but when after I login using the membership class, it stops to work..
Make sure My-Pc\MyUser has access appropriate permissions to 'MyProject' database. For the test environment that my local projects run on, i generally assign myself as the database owner to the database i want to access. That is if i am the only user accessing it. You can do so by running EXEC sp_changedbowner 'My-Pc\MyUser'. Obviously, you want to dedicate a separate account with limited access for your production environment.
You'll probably need to make sure that the user the web server is running as has read/write access to the db file and directory.
Try removing "connString" from web.config and using "LocalSqlServer" connection string instead (it is defined in machine.config):
Dim conn As SqlConnection = New SqlConnection(ConfigurationManager.ConnectionStrings("LocalSqlServer").ToString)
I also encountered this problem, and I noticed that it does indeed work if I changed the owner of the database to 'My-Pc\MyUser' (via EXEC sp_changedbowner 'My-Pc\MyUser') as pointed out above.
You might also try running this on your database:
exec sp_grantlogin 'My-PC\MyUser2'
This is certainly useful if you want MyUser AND MyUser2 having access to your database. I encountered this scenario when I have to execute aspnet_regsql.exe using MyUser2 credentials (as the owner of my database is ASPNET, which does NOT have login/runas capabilities).
Hope this helps someone :)
Related
I've moved all the tables,
AspNetRoles
AspNetUserClaims
AspNetLogins
AspNetRoles
AspNetUsers
into my working SQL Server 2012 Express database with the rest of my tables and updated my .EDMX in Visual Studio Express 2013. I can now see all my tables and all my models in one place in VS.
When I create a new user everything works fine but the new users are not ending up in the AspNetUsers table in the database. Like I said, the application continues to work fine with the new user but I can't find them anywhere, where are they?
I only have one connection string in my application, so I have no idea where or why they could be going anywhere else:
<add name="Entities"
connectionString=
"metadata=res://*/Models.Listing.csdl|res://*/Models.Listing.ssdl|res://*/Models.Listing.msl;provider=System.Data.SqlClient;
provider connection string="data source=XXXXXXXX;initial catalog=database;
integrated security=True;
MultipleActiveResultSets=True;
App=EntityFramework""
providerName="System.Data.EntityClient" />
The new user is somewhere, after creating one I can navigate. Could they just be stuck in memory or something?
Can anyone help me out on this one?
The new user is probably sitting in the database specified in your default connection string in your web.config. Make sure to specify the connection string named "Entities".
I'm guessing but I would tend to believe that they are being saved in a LocalDB file specified by your default connection string.
I've got ELMAH working on my (Cassini) development server, and was quite happy with it, but now that I'm trying to move everything to my production server (IIS7), the honeymoon looks like being over.
I've got past the "gotcha" with IIS7, which frankly could have been better highlighted in the documentation, and if I just use the in-memory log then it works.
However, I'm trying to get it to use the SQL Server log (as I do on my development system), and I'm getting an error along the lines of:
The EXECUTE permission was denied on the object ELMAH_GetErrorsXml
Well, fine. I know how to grant database permissions, but I'm really struggling to understand which user and which stored procs/tables I need to grant access to.
The thing that's really confusing me is that I didn't have to do anything like this to get it to work on my development server. The only difference I can see is that on my development server it seems to connect as NT AUTHORITY\IUSR, whereas on my production server it seems to connect as NT AUTHORITY\NETWORK SERVICE. (It's just using a trusted connection so I've not explicitly configured it to do that - I presume it's to do with the web server). UPDATE: I've since established that because I'm using Cassini, it was actually logging in as me (an admin) and not IUSR, which explains why I didn't get any permission problems.
On my development server, the IUSR account is a member of the public database role, and has access to the required database (again as "public"). There's no explicit granting of object-level permissions. [See update above - this is irrelevant].
On my production server, I've added NETWORK SERVICE in exactly the same way (public database role, explicit access to the database as "public"). Yet, I get this permission error. Why?!! [See update above - the only reason I don't get a permission error is because I'm running as an admin].
And, of course, if the fact that it works locally is just "luck", I will need to know which SPs/tables to grant access to. My guess would be all 3 SPs and not the table, but it would be good (again) to see some documentation that makes this explicit.
example of sql needed to give execute permission to the user USER_NAME:
GRANT EXECUTE ON ELMAH_GetErrorsXml TO USER_NAME
GRANT EXECUTE ON ELMAH_GetErrorXml TO USER_NAME
GRANT EXECUTE ON ELMAH_LogError TO USER_NAME
Are you providing ELMAH with a full connectionstring in the web.config? If so, you should know exactly what db user to grant permissions to, right? And yes, permission would be to execute the three ELMAH stored procedures...
Here's a configuration that I've used:
<elmah>
<errorLog type="Elmah.SqlErrorLog, Elmah" connectionStringName="elmah" />
</elmah>
<connectionStrings>
<add name="elmah" connectionString="Data Source=XXX;Initial Catalog=XXX;User Id=XXX;Password=XXX;" providerName="System.Data.SqlClient" />
</connectionStrings>
I am not used to work with SQL Server(usually I just use express). I run it on windows server 2008, iis7.
I have attached the database to my sql server. I made a web site in iis7 but I get this error message.
Cannot open database "Phaeton.mdf" requested by the login. The login failed.
Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.
Connectionstring I use
<add key="PhaetonConnectionString" value="Data Source=.;Initial Catalog=Phaeton.mdf;Integrated Security=True"/>
Thanks
Since you are using Integrated Security the SQL connection will use the windows identity which is passed from ASP.NET.
You can either change your security to mixed-mode which will involve removing the integrated security. Or use impersonation (check IIS and your web.config) and grant that user access to the database.
Hope that helps
You need to configure your application in IIS to turn off anonymous access and turn on Windows authentication(If yoy want to use integrated security).
Access SQL Server Using Windows Integrated Security
The other way, you can use a connection string with user/password ... with the appropriate login
Problem was that the database I tried to attach was sql express
The problem is here:
Initial Catalog=Phaeton.mdf
In SQL Server Express, you can attach a filename as a local database. That's not how it works on a production SQL Server. In non-Express versions you attach a database permanently, which it looks like you've already done, and you give it a logical name, which is not the same as the primary file name.
I would guess that if the file name was "Phaeton.mdf" then you probably named the database "Phaeton". In which case that part of the connection string should simply be:
Initial Catalog=Phaeton
If that's not the right name, you can get a list of database names from the server using the following script:
USE master;
SELECT name FROM sys.databases
I am facing problem with database connection. As I know if we create new user, using Create UserWizard control and after running it if we refresh the refresh button from solution explorer,aspnetdb.mdf will generated automatically under app directory.But in my case its not happening.I mean aspnetdb.mdf is not generating. Once I submit the sign up submit button getting this error message "Could not find stored procedure 'dbo.aspnet_CheckSchemaVersion'. "
Here is my connection string in web.configfile.
<connectionStrings>
<add name="BankingTransaction" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Bank.mdf;integrated security=True;User Instance=True" providerName="System.Data.SqlClient"/>
</connectionStrings>
Please somebody help me where is my mistake.
Thanks,
Masum
The database need the regsql.exe running on it to add all the files the membership .net stuff uses.
This explains how to do it
http://msdn.microsoft.com/en-us/library/ms229862(VS.80).aspx
This installs all the tables and procedures needed for the ASPNET roles and membeship
It sounds like there is a stored procedure you are calling (dbo.aspnet_CheckSchemaVersion) that does not exist in the database.
Here are some folks who seem to have encountered this same issue:
http://forums.asp.net/t/940632.aspx
http://forums.asp.net/p/1042979/1456396.aspx#1456396
http://social.msdn.microsoft.com/Forums/en-US/adodotnetdataproviders/thread/7a85cf72-7f53-421f-be74-b12262c47f37/
It may be worth trying some of those solutions. This one sounds promising:
Run the following on your SQL SERVER instance:
Exec sp_addrolemember 'aspnet_Membership_FullAccess', 'YourUser'
go
Exec sp_addrolemember 'aspnet_Personalization_FullAccess', 'YourUser'
go
Exec sp_addrolemember 'aspnet_Profile_FullAccess', 'YourUser'
go
Exec sp_addrolemember 'aspnet_Roles_FullAccess', 'YourUser'
go
Exec sp_addrolemember 'aspnet_WebEvent_FullAccess', 'YourUser'
go
I have an admin account for my website where I add new clients. When a new client is added, they get an account and their own database.
The problem is I can't create new databases on my server from my admin account. When running it locally, I can add a database locally. But, when I try adding to the server running my website off the server, I get
CREATE DATABASE permission denied in database 'master'.
I've been able to add the database (locally) a few ways. This is one of the simpler working versions:
tmpConn.ConnectionString = "Data Source=.\\SQLEXPRESS; DATABASE = master;Integrated Security=True;";
sqlCreateDBQuery = " CREATE DATABASE " + dbname;
SqlCommand myCommand = new SqlCommand(sqlCreateDBQuery, tmpConn);
try
{
tmpConn.Open();
myCommand.ExecuteNonQuery();
}
catch (System.Exception ex)
{}
I suspect that whatever account you're using to connect to Sql Server doesn't have permissions to CREATE DATABASE. You're probably using Integrated Security, which would use Network Service/ASP.NET to connect to MSSQL. You need to create a new connection string that uses Sql Authentication with sa (or another sysadmin) credentials.
Oh - and this would work locally because you're running it under Visual Studio's WebDev.exe which is run with your local user account - which is probably set up as a sysadmin in MSSQL.
You should contact your service provider. (Or the maintainer of the server).
You need create database and create database user permissions. Your service provider should be able to facilitate this.
Something else no one has suggested is what kind of validation you are doing on the dbname value. Are you sure there are no spaces in it? That it's not a reserved word? That it doesn't contain malicious code? At very least you should encase it in brackets:
sqlCreateDBQuery = String.Format(" CREATE DATABASE [{0}]", dbname);
I really hope you aren't allowing the user to type this name directly into a textbox somewhere. Even if you use property security on the initial input and this is pulled back from a common "clients" db of some kind, you might be setting yourself up for a 2nd order Sql Injection vulnerability.
After you've addressed that, we can look at the error message here. In this case, the problem is that your web user does not have appropriate CREATE permissions. You need to correct that and it should allow you to proceed. You probably want to reserve a special account for this that you switch to just at this time, so your application doesn't normally run in a context that would allow this kind of action.
Check the permissions for MySQL: Does your admin account have different settings for a local connection versus any host?