ASPNETDB Deploy With Users/Roles Security
Apr 10, 2007
I have developed a site on my local machine utilizing the built-in security/roles provides by ASP.NET 2.0. I am trying to publish the web application to a production server. It will publish correctly, however the ASPNETDB is not recognized. The folder app_data is created with the proper database files. My question is how do I set this up to use the data I have created in this database? I've searched on how to accomplish this but haven't found any definitive answers. I have found ScottGu's blog to be useful, but I was wondering if there is a different way.
1 - Do I push the data to a SQL Server install via SQL scripts?
2 - Can I link to the ASPNETDB that is created locally on my machine?
3 - If I make changes to the application and re-publish, is there a way to keep from overwriting the ASPNETDB on the server?
I am a unsure of how the built-in roles/security works when you are ready to push something to production. If someone wouldn't mind pointing me in the right direction, it would greatly be appreciated. Any literature, advice, links, etc.. would be great.
- Thanks
Andrew
View 4 Replies
ADVERTISEMENT
Mar 5, 2006
Hello,
I am new user of SQL Server. I have some problems with these words. I want to make my database works in my specified permissions. I will specify permissions with schemas and these schema wants an owner. I want this owner should be my user. When creating a user it needs a valid login. I am selecting my login and it occurs and error says this login has an different user. I am specifying permissions with roles. But i can't make association all of them. I hope i told my problem to you as well. If you explain these words to me and tell me how can i do my database's works with my own schemas, users and roles i'll be grateful. Thanks for advices.
Happy coding...
View 4 Replies
View Related
Aug 1, 2007
In my ASP.NET application I am using authentication/Login controls. I have my development configuration running correctly... my providers are setup in the web config along with the appropriate connection strings for these providers. In the development environment .NET Framework 2.0 and SQL Server Express 2005 configured in IIS, ASPNETDB installed in App_Data. I am able to create new user accounts and re-login under these accounts, so all validation is working on the development servers.
Now... I need to deploy the ASP.NET 2.0 site. My provider is allegedly ASP.NET 2.0, with SQL Server 2000, implimented on a seperate backend server which I utilize in my application during development to reduce configuration issues during deployment. I can create databases and utilize SQL Server Management Studio locally (2005) to perform all appropriate development tasks on my remote SQL 2000 Server.
However, I need to deploy ASPNETDB on that remote SQL 2000 Server (apparently my provider has no instance of SQL Server Expres 2005 running on the web server).
I tried to use the Import/Export Wizard in SQL Server 2005 Management Studio, I can only transfer the tables and views to my remote ASPNETDB database (which I had to create from the provider side utilities). I have tried using the "Copy Database..." command on the ASPNETDB database, but my error is: "The destination SQL Server must an SQL Server 2005 instance".
...Then I tried to script the database and run it against the remote server within the Import/Export Wizard... this failed miserably... massive Syntax Errors puked out of the parser.
...Then I tried to mirror the ASPNETDB database to the remote SQL Server 2000 instance... my error is: "The destination SQL Server must an SQL Server 2005 instance".
...Then I tried creating an SSIS package utilizing the "Transfer SQL Server Objects Task". This failed as well... reporting that the Login cannot be null... apparently a known issue and unrelease fix.
So now I'm stuck! How can I impliment the ASPNETDB on a remote SQL Server 2000 instance?
Theoretically, if I change the configuration of the providers for ASP.NET the Login/Authentication controls in the web.config file to point to the new ASPNETDB instance attached to the remote SQL 2000 Server, and of course... if I could get the stored procedures ported it should work right?
The schema should be in tact whereas I used the Import/Export wizard to at least get the tables and views ported to the remote SQL 2000 Server. But the 55 stored procedures and 1270 system stored procedures still need to be transferred. How can I accomplish this?
I hope I provided enough of an overview... Thanks in advance for any suggestions. Don't hesitate on any questions.
Rik C.
View 1 Replies
View Related
Oct 4, 2004
Is there a script or can I make a script to find out what roles and what users are assigned to the roles are?
View 4 Replies
View Related
Sep 16, 2006
How to generate script which can move users with his roles from one DB to another (SQL 2005) ?
View 1 Replies
View Related
Sep 28, 2015
I am trying to revert back to Windows 7 after upgrading to Windows 10, however it will not let me and the following message occurs: "Remove new accounts.Before you can go back to a previous version of Windows, you'll need to remove any user accounts you added after the most recent upgrade. The accounts need to be completely removed, including their profiles.You created one account (NT SERVICEMSSQLSERVER) Go to Settings> Accounts> Other users to remove these accounts and then try again".However I did not create any new users and there are no other users listed in the Accounts section.
View 2 Replies
View Related
Jan 18, 2008
I have uploaded my site on localhost and sharing on intranethow can i answer these question? Q1) How many users have loggedin? and using my database?Q2) Which table has lots of load?Q3) how can i immediately close particularly connection?
View 4 Replies
View Related
Nov 27, 2006
I'm trying to find some documentation or procedures that will allow me to xfer existing users' roles, etc from sql2000 to sql2005.
When our sql 2005 database was restored on a new server (from sql2000), all of the database users were orphaned. I need to create identical server logins and then make the logins database users. It is also important to understand the significance of the new schema concept. The Microsoft SQL2005UpgradeTechRef.doc white paper does not explain any of this.
Ultimately, I would like to create a script for the above scenario once a sql2005 db is restored from a sql2000 db.
Could someone please help me out on this?
View 1 Replies
View Related
Apr 2, 2008
Guys,
I have 2 users emp_rw (read write) and emp_ro in the database through which application accesses the database.
Now I would like to replace this users with roles and assign emp_rw, emp_ro to roles. Which roles should be created -
database roles or application roles what is the difference between application and database roles.
currently I execute the below statement to grant rights on database objects to emp and emp_ro users, can this be changed
to grant rights to role instead of user.
grant execute on <function name, procedure name> to emp_ro
Any suggestions and inputs would help.
Thanks
View 1 Replies
View Related
Oct 12, 2005
Hi, all. I've got a question that's truly newbie. I've added logins to the "users" of a database, but I've never used the "roles" area. What's the difference? Is a role like a group account with some preset permissions?
View 3 Replies
View Related
Nov 27, 2006
I'm trying to find some documentation or procedures that will allow me to xfer existing users' roles, etc from sql2000 to sql2005.
When our sql 2005 database was restored on a new server (from sql2000), all of the database users were orphaned. I need to create identical server logins and then make the logins database users. It is also important to understand the significance of the new schema concept. The Microsoft SQL2005UpgradeTechRef.doc white paper does not explain any of this.
Ultimately, I would like to create a script for the above scenario once a sql2005 db is restored from a sql2000 db.
Could someone please help me out on this?
View 1 Replies
View Related
May 30, 2007
Hello and thanks for reading,
I would like to know if it's possible to add around 4000 users into the ASPNETDB without adding them one at a time. I have to avoid using a "create user wizard" because this login is for a private online election only. The list of users is in an access database and looks like this:
Username Password
DHunziker Hu8645
SEnderton En0854
BAckler Ac9576
....
Unfortunately, I don't have valid emails for all 4000 people, nor do I have the time and resources to collect security questions and answers so I don't know if this is even possible. Can you help me?
Thanks!
View 6 Replies
View Related
Jul 15, 2007
I don't know whether this question belong here, but....
In the past I had many customers using the same website each with their own domain name and their own database. To accomplish that, I used MS Access and placed each customers database in separate directories. I steered the customer to the correct directory using their domain name. I am now trying to accomplish the same thing using aspnetdb.mdf and other .mdf database files. I am using the aspnetdb.mdf database for membership, etc. I want the aspnetdb.mdf database file to be unique for each customer. Does anyone know how to accomplish what I was doing with MS Access using aspnetdb.mdf? Is there any way to have multiple web.config files each of which would be dedicated to a particular customer?
View 1 Replies
View Related
Dec 3, 2003
Hi everyone out there in ASP.NET land.
Have a quick question...
How do I add a role and/or a user through code (Specifically SQL Statements). If not through SQL, then maybe VB.NET?
Thanks ahead of time,
Denvas
View 2 Replies
View Related
Mar 5, 2000
Hi there NT Server,sqlserver 7.0, Integrated Security. I used "sp_attach_db" to attach a database to the sql server. The database has 3 standard roles with members in each of those roles. But i am not able to add a user to any of the roles through Enterprise Manager(No users are listed, except the other 2 roles). Also when i click "users" under the Database in EM, no users are listed except "dbo" with sa login. Luckily since some members are there in the roles, they are able to connect to the database. Also i am not able to add the user bcos the user exists in the public role and i get an error message "user already exists in DB". The user has logged into the NT and everything is fine. I copied the .mdf and .ldf files from a "Standard Security" Server.
View 1 Replies
View Related
Jul 23, 2004
SHORT VERSION
i am setting up roles, do i also have to set up role-people as users?
LONG VERSION
my db has two owners. both of us run the Access front end happily - everything works perfectly.
now i'm trying to add non-owner users.
i have set up ten people as datareader/datawriter (primitive, but will refine this later).
these people are not able to get into the db.
at the registering DSN stage they can't see the server in the list of servers and if they manually type \myserver they can't connect (doesn't exist or access denied).
in Enterprise Manager,
Users: shows only the two owners
Roles:datareader shows the ten non-owners (ditto datawriter)
am i supposed to setup my datareader/writers as users as well?
should i see them in the Users: list?
thanks for your time.
izy
View 2 Replies
View Related
Feb 27, 2004
How can I generate a list/view of all users/groups with appropriate roles and rigths?
View 3 Replies
View Related
Nov 28, 2006
Hi Team,
In SQL Enterprise Manager, when we expand "Database -->Users", we see the
users there. When we expand "Security --> logins" we see the same users there.
Can you differentiate these two.
Thanks
Santhosh
View 1 Replies
View Related
Jul 20, 2005
I am in need of a utility (stored procedure, third party app, etc)that will help streamline the process of managing and auditing objectpermissions, users and roles on multiple sql server 2000 instanceswith multiple databases on each instance. That's a quick overview ofwhat I need, do I need to be more specific?Thanks.
View 2 Replies
View Related
May 19, 2006
Hi,
I have two sql db's. One for company record info, other for users (aspnetdb) I created the users one using the login control and web administration wizard. This all worked well until I had to publish to godaddy. I had to rebuild my company db, but eventually I was able to pull info and all that is working. The problem is, how the heck do I add users? I noticed that it put users table in my db to start. So I manually went into the db on godaddy's servers, and added an application. Then when I tried to add a user manually, it kept giving me errors. Is there an easier way to add website users through godaddy? Something like the web admin tool that comes with visual studio? Man it is driving me crazy!!!
View 10 Replies
View Related
Jan 19, 2007
Hi,
I have added two roles to sql server. One called Officeusers. The other AdminUsers
Added the appropriate logins to these roles. For example; james, john, ahmad to OfficeUsers and Mat, Nick to AdminUsers.
How can these roles be now used in a connectionstring? I can use each user login and his relevant password in a connectionstring to connect to sql server but not sure how/where/when the Roles come in to development.
i.e. do I need to use the role in the connectionstring? if so then what happens to the password.
Not quite clear about all these.
Thanks
View 3 Replies
View Related
Jan 2, 2007
I'm trying to figure out how to associate users in my ASPNETDB.MDF to create a shopping cart.IE: I have 3 tables, for a list of existing orders, list of products, and list of specific orders.The idea is for users who've signed up with the built-in user creation control, can then place orders from the shopping cart, and view their existing previous orders. This would normally be done with a unique UserID # to associate orders with specific users, however I don't BELIEVE there's anything like UserID's associated with each user in the ASPNETDB.MDF, it just uses usernames as the unique identifiers right?Anyway I'm not sure I'm explaining what I'm trying to do perfectly and I apologize, but I don't think it's an un-common problem I'm having. Basically I'm trying to avoid having to have existing ASPNETDB users create a sort of SECOND user that would associate them into a seperate Customers table, it seems like extra user steps that shouldn't be necessary.
View 1 Replies
View Related
Apr 5, 2008
Sql 2005
I want to grate execute permissions on my stored procedures to a role. While creating the role, it asks for "schemas owned by this role".
To me, the schema is merely a namespace that allows you to group objects, but arent schemas such as db_datawriter roles that are central to the db and only admin type users should have ownership of these, correct ?
In a nutshell, I want to:
create a new role and assign a user to that role
with a stored procedure, grant execute permissions to this role
I was confused by the sql 2005 dialog that asks me to take ownership of roles such as db_datawriter, db_datareader etc, wouldnt that mess up other things with the database ?
help ...
I think its time I review all of the above items
role
user
login
schema
View 4 Replies
View Related
Jun 20, 2005
A question on the permissions hierarchy:
Since logins, database users, and database roles are both principals and securables - what does it mean to GRANT permission on a login/user/role to another principal? Does it mean that for a login - you can GRANT permission to EXECUTE AS that login or modify it, for example?
View 3 Replies
View Related
Jul 17, 2000
We are looking to make our applications as secure as possible. I am interested in how well Application Roles work to make security tighter.
Have you used Application Roles. If you have, I'd like to know if it helped provide better security or not and if it did, how was it implmented in you production environment. I already know how to get it set up, I'm just wondering if it's really worth the trouble.
Thanks!
View 2 Replies
View Related
Dec 20, 2000
I have jsut started using SQL server 7 and am having problems with accounts permissions, users,roles, groups, owners etc what are the differences?
View 1 Replies
View Related
Oct 5, 2006
Under SSMS I see the "securityadmin" Server role. Where in SSMS can I find the actual list of permsisions granted to this role? (not just a generic description of what this role can do.)
TIA,
Barkingdog
View 1 Replies
View Related
Mar 12, 2008
I want retrieve data from properties field in prifile table in aspnetdb.mdf for multi users,what do i ?
View 1 Replies
View Related
May 20, 2008
Developers need to view and modify jobs on some servers without being sysadmin. We've added the developers to the following MSDB roles:
SQLAgentOperatorRole
SQLAgentReaderRole
SQLAgentUserRole
Technically they should be able to view and modify jobs through Management Studio when being added only to SQLAgentOperatorRole. However they receive the following error when clicking on the Jobs folder regardless of the msdb role.
Execute Permission Denied on Object 'xp_sqlagent_enum_jobs', database 'mssqlsystemresource', schema 'sys'. (Microsoft SQL Server, Error: 229)
Our original two SQL 2005 servers do not produce this message, but all other instances do. All servers, but one, are SP2 so the service pack is not an issue. Any thoughts?
Thanks, Dave
View 3 Replies
View Related
May 18, 2015
As far as i know all users that is assigned to "Public" database role by default cannot SELECT any tables which in the databases. But in my case i am restoring database from previous version of SQL Server 2005 to SQL Server 2008 R2.
The problem come when every new users that created can access all tables in the databases.
How to get "public" back to default permission settings?
View 13 Replies
View Related
May 16, 2008
I have been struggling with this for a while and cannot get it right. I have read countless articles on the internet as well as MSDN documentation about SQL Server 2005 and no success so far.
What I want is a database with multiple SCHEMAS, DATABASE ROLES and USERS in order to have a finer grade of security to access the various objects.
My schemas are (in order to simplify the situation and provide an example of the setup):
- [dbo] the standard DBO schema which is always default. Contains public objects.
- [com] a special module integrated into the system
- [ofc] contains objects used by back-office only
- [aud] contains objects used for auditing, etc.
Each of these schemas has their fair share of tables, views, functions and stored procedures which have been created appropriately (i.e. CREATE TABLE [ofc].[Addresses]), in other words prefixed by the name of the schema to which they belong.
Then I have created various database roles (don't confuse them with SQL2005 application roles) as follows:
- PublicRole mostly used for viewing, no data alterations
- WorkerRole used by front end processes that need write access to data in [dbo] and [aud]
- OfficeRole used by back-office for dealing with backoffice data (basically [ofc], [aud] stuff)
- AdminRole used by application administrator
Each of these database roles has been defined with owner 'dbo', none of them own any schemas. And last but not least to each of these roles I have selected the above named schemas (dbo, ofc, aud) as securables and for each of those securables schemas I have then given the correct set of GRANT/DENY on the Alter, Control, Delete, Execute, Insert, References, Select, Update, Take ownership and View definition.
As an example, the PublicRole role has been given the following permissions (Y=GRANT, N=DENY):
Table #1 of Application Permissions [dbo] [com] [ofc] [aud]Alter N N N N
Control N N N N Delete N N N N Execute Y Y N Y Insert N N N Y References Y Y N Y Select Y Y N Y Update N N N Y Take ownership N N N N View definition N N N N
And I have the following minimum set of database users defined (the server login has the same name):
- upublic, assigned to PublicRole
- uworker, assigned to WorkerRole
- uoffice, assigned to OfficeRole
- uadmin, assigned to AdminRole
As I understand when I assign these users to a particular custom Database Role, the users inherit the permissions granted to THAT role thus liberating me from having to assign the permissions to each and every user account on the same role.
What I expected was that when I logged in to the database with the upublic user account I would at least be able to view (SELECT at least) ALL the objects with the exception of those in th e[ofc] schema. Unfortunately the account is not able to access ANYTHING at all, I get an error like
"The SELECT permission has been denied on object XYZ, database DB, schema 'dbo'"
So, when I use Management Studio to look at the properties I selected the PublicRole and it showed the upublic user as a member of the role (Members of this role). So far so good.
Then when I switch to the Securables page for this role it shows all the schemas I defined and for each of them the same list shown in Table #1 except it has two lines for each permission, the first for Grantor dbo and the second for Grantor upublic. The first has the same permissions I assigned to the role (as shown on Table #1) but the 2nd does not show a checkmark on either GRANT or DENY!!! For example ([x] = checked, [ ] unchecked):
Table #2 Explicit permissions for Securable
Permission Grantor Grant Grant-with Deny
Select dbo [x] [ ] [ ] Select upublic [ ] [ ] [ ]
What am I doing wrong here? Apparently I then have to repeat the whole grant/deny for EACH and EVERY USER I define when the idea was that I would grant/deny on the database role and every member of that role would inherit those permissions automatically.
View 3 Replies
View Related
Aug 30, 2006
Hi,I'm
building an asp.net website using web developer express and I have a
SQL 2005 express install on the same machine. Using windows security,
everything works fine for development.Now I need to get it working at the client site, where the web server and SQL 2005 Express are on different machines.I'd
tried using windows authentication but that didn't work, probably
wasn't doing it correctly. I'd like to try SQL Authentication, at least temporarily, since I
can replicate that on my laptop at home easily I think.I created a new SQL login but was really baffled by the screens showing roles and schemas, etc. There's so many roles to choose from and wasn't sure if this new login needed to own any schemas. I
did turn on remote connections and mixed-mode authentication, the
probably now is my asp.net membership provider login page isn't
authenticating correctly, maybe my permissions are wrong on the
aspnet_..... tables for users, roles, profiles, etc. Any advice?thanks,Bruce
View 3 Replies
View Related
Jan 21, 2008
Roles Table:
RoleID, RoleName
<RoleID1>, Allow_ClientFolder
<RoleID2>, Allow_ClientReportA
<RoleID3>, Allow_ClientReportB
<RoleID4>, Allow_CompanyFolder
<RoleID5>, Allow_CompanyReportA
<RoleID6>, Allow_CompanyReportB
UsersInRoles Table:
UserID, RoleID
<UserID1>, <RoleID1>
<UserID1>, <RoleID2>
<UserID2>, <RoleID4>
<UserID2>, <RoleID5>
<UserID2>, <RoleID6>
<UserID2>, <RoleID1>
<UserID2>, <RoleID3>
e.g.
when the <UserID1> clicks on the "home" link show only "Client" folder and when <UserID1> clicks on the "Client" folder only "ClientReportA" will show.
Here is the accessable map for each user:
<UserID1>
Client
ClientReportA
<UserID2>
Client
ClientReportB
Company
CompanyReportA
CompanyReportB
Question:
What is the best way to implement CheckAccess? At first I thought I can access the item names and I can test authorization through that, but AceCollection contains operation permission of the accessing object.
View 4 Replies
View Related