Creating A New SQL User For Aspnetdb Membership Db
Jan 1, 2008
Hello - I am using the generic aspnetdb membership database (aspnet_regsql.exe) which I am currently connecting to as a sysadmin user from my website (via web.config). Before going live with my first website I now want to create a sql user for the website to login with, with the minimum permissions required to run the website - the reason for this is to make the db more secure.
I have created a new sql user and am now looking at what acces they should have. I am OK giving them the required access to the NEW views, sprocs and tables I have created to link in with the generic aspnetdb database etc... however how do I know what access they require to all the BUILT-IN tables, sprocs, views etc. Also, when I am viewing Securables it also brings up all the MASTER DB sprocs, etc.. - will the user need access to these? Should I add the new user to a database role - which one? (currently I have not given the new user a database role) This is the first time I will have created a sql user for an asp.net website so any help greatly appreciated.
I've set up the membership and authentication tables/stored procedures on an SQL2005 Express database. I'm now trying to get the login on my forms to work. I set up two 'members' through the Web Site Administration Tool and everything seems to work fine as far as logging in is concerned. However, I need to retrieve some information from the membership tables through the codebehind but I've discovered that the data created by the WSAT wasn't stored in my database but in the ASPNETDB.MDF file in my application's Bin folder. How can I ensure that the data created by the WSAT is stored in the correct database? What have I missed?
Hi,I'm new to ASP.NET and having a problem configuring the SqlDataSource control. I am using the standard ASP.NET 2.0 "aspnetdb" database to manage user accounts. The problem is this:When using the wizard to configure my SqlDataSource control, the option to auto-generate the Insert/Update/Delete SQL statements are grayed out. I've searched this forum and found that this can be a symptom of no primary keys in the tables. However, there are primary keys (UserId), which is the default schema as generated by asp.net (aspnet_regsql.exe). When I use the wizard, I make the following choices:How would you like to retrieve data from your database?-> Select "Specify columns from a table or view"-> Select the "vw_aspnet_MembershipUsers" view from the "Name:" drop-down list-> Select "UserId", "Email", "UserName" from "Columns:"After this, still no option to auto-generate I/U/D statements. Any thoughts on why this isn't working??? Thanks,Leah.
Hi, I have limited control on the server I use. I can not create data bases but can add tables and edit the data base that has been created for me. So what I would like to do is be able to use a tool such as aspnet_regsql through SQL Server Express to add the tables that Membership would automatically create. Any help in pointing me in the right direction would be great
I have made a new table called 'customer' which i wish to tie into the userId of the db. I have used a db diagram to do this (there are keys on each side of the link and userId is the FK) . When i put the membership/profile view onto the form alongside the new customer table nothing displays in the customer table when i run the app., i dont even see the titles - any ideas (i'm new to this sql malarky btw - so its probably something unbelievably straightforward). Any help appreciated. Thanks
I have several roles on a database and want to find out to which roles a certain user belongs to. What's the SP to get this information?
Background: I have a table where I store some application specific permissions for the different roles. I use the same grant/deny/revoke logic like in SQL server. These are permissions that cannot be mapped to a SP or a table. In a query I want to get all the permission records for the role that a user belongs to.
Hi All... We're cloning an application currently under development on Server 2003 / SQL Server 2005 / dotnet 2.0. The clone's going to live on an XPSP2 box with SQL Server 2003 - it's for demo purposes... The application's able to get to our own database, but it's having a hard time creating the ASPNETDB that dot net likes to have. Aside from the OS, the only difference between the two SQL Servers is that on the working system, we're using windows authentication on the database while on the non-working system, we're using SQL Server authentication. But we've tuned the connection strings appropriately - again, we can get to our own db just fine. We have the following lines in our web.config: <connectionstrings> <clear /> <add name="LocalSqlServer" connectionstring="Server=localhost; Database=ASPNETDB; UID=sa; PWD=mypassword" /></connectionstring> On the working system, the Server is an actual IP address, integrated security is set to true, and of course the uid/pwd is a bit different. But again, using a very similar connection string, we able to get to OUR database on the non-working system... The error we're getting at runtime is: Cannot open database "ASPNETDB" requested by the login. The login failed. Login failed for user 'sa'. When we poke into the database from SQL Server Management Studio - on a remote machine - we can see our own database is there, but the ASPNETDB isnt there. Yet... I suspect it failing getting in to just create the db.... Any thoughts? Thanks for the help!!! -- Curt
I just recently updated to SSDT 12.0.50512.0 using Visual Studio 2013 Ultimate. I typically use SSDT Schema Compare to synchronize my schema across multiple databases and different environments. After updating i encountered a major bug while updating our production schema.Typically during schema compare, the compare will prompt me to drop users and user roles from the database as they are not present in the project. I will exclude these so they database users and their roles aren't affected. After the update to SSDT I noticed that schema compare was only prompting me to drop the User, but didn't show anything about the user's roles. Not thinking much of it I went through my usual task of updating all the production databases. I soon found out that this did in fact remove the user roles even though it showed NOTHING in the schema compare UI indicating it would do so.
GO PRINT N'Dropping <unnamed>...';
GO EXECUTE sp_droprolemember @rolename = N'db_datareader', @membername = N'dbuser';
GO PRINT N'Dropping <unnamed>...';
GO EXECUTE sp_droprolemember @rolename = N'db_datawriter', @membername = N'dbuser';
You could say this is partially my fault for not checking the generated script before running it, but after months of this routine task I've never had an issue until this update.i'm not seeing the changes that will happen to my user roles in the schema compare UI?
I am running into an issue trying to declaratively set up a SqlDataSource. I want to be able to filter some of my queries based on the user that is currently logged into the web site. I want to do it Declaratively as that's one of my favorite 2.0 features.Is there any way to do this with the Membership information? I know I can use the code behind to set the parameter, or store the User Name in Session Variable, and use a <asp:SessionParameter> but I think there should be a way to bind directly to the Membership user...Am I missing another option, or is there no built in way to do this? Any other suggestions...Thanks
I would like to limit the role of an user In Visual Studio only to assign roles to other users for the cubes. Other than that the user should not be able to create / delete the exisiting cubes or dimensions.
In my site, when a user registers, I need to create rows in additional tables besides aspnet_Users. So, I need to be able to pass the generated userId guid to subsequent SqlCommands. I'm having a terrible time with this. What's the correct way to set up a SqlParameter so that it will accept a guid? I keep getting this error: "Conversion failed when converting from a character string to uniqueidentifier." I've tried creating the parameter both with and without a SqlDbType. cmd.Parameters.AddWithValue(paramName, guid); and SqlParameter p = new SqlParameter(paramName);p.SqlDbType = SqlDbType.Guid;cmd.Parameters.Add(p); and I get the same error either way. Driving me nuts! Any help appreciated.
I am getting the error: Cannot open database "aspnetdb" requested by the login. The login failed. When I browse to my ASP.NET 3.5 LINQ web application on the IIS 6.0 server on Server 2003. I imagine this is because while I granted SQL Server 2005 login and permissions to my database that the application stores its data in, I did NOT grant any rights to the service account the IIS Application Pool uses for its identity to the aspnetdb database on SQL Server which is where all my roles information is stored at. My question is what are the MINIMUM permissions needed for this database so it can perform its roles related functions? I'm using Windows Authentications with the SQL Role provider for authorization.
Thank you.
EDIT: I think I only need to open the aspnetdb database and add my login to the aspnet_Roles_FullAccess role. Is that correct?
I am trying to create a database setup script that will work on various OS languages. One of the things the set up script has to do is grant permissions to the NETWORK SERVICE account. This is simple when we are running on the English version of Windows with the command:
Code Block CREATE USER [NetworkService] WITH LOGIN [NT AUTHORITYNETWORK SERVICE];
Unfortunately, if you run this on a French language version of Windows, the login is called something like [NT AUTORITESERVICE RUSSEAU] or something similar. This causes the script to fail.
I think I should be able to get around this by using the well known SID for this account (S-1-5-20) and SUSER_SNAME() to resolve to the name for the account in the local language.
Here is the code I've written:
Code Block SET @user = quotename(SUSER_SNAME(0x010100000000000514000000)); SELECT @user; CREATE USER [NetworkService] FOR LOGIN @user;
Everything seems to be working up to the last line. The SELECT @user line returns [NT AUTHORITYNETWORK SERVICE] on my English language server as expected. Unfortunately, the last line results in a syntax error.
This may be a really dumb question, but I'm not really a DB developer, so I'm stumped. Any ideas on how I could make this work?
I'm trying to create a user from a powerbuilder application through powerscript. I'm trying to create first the login using sp_addlogin but I'm getting the following error [microsoft][odbc for sql server]the procedure sp_addlogin cannot be executed in transaction.
I'm not in our IT section but am responsible for the running of a finance application on SQL 2000.
I want a Read only user set-up on the SQL DB so that we can use Crystal and Access to look at the tables.
IT have some concerns with this as they say it by passes all security.
Are they spinning me a line?? Surely read oonly is read only? Can a user be restricted to a specific database as there are a number running on the same server.
i am a newbie in SQL Server. i want to add a new user to my database, whom i want to grant only insert, update, delete, select commands and some procedures/triggers. i need to log on to the database using that user from my asp.net application. i might have several users to log no to the system and for each user i need a set of tables in the databse. i want to wirte the procedures /triggers once for all the users in the database where they can access. i can write the procs under dbo schema, but i what about the tables?
currently i am using SQL Express to test my database. i have Management Studio Express installed on my PC.
When I declare a cursor,I use a variable to replace the sql statement:DECLARE rs CURSOR LOCAL FAST_FORWARD FOR@sqlPlanBut it is not true.Who can correct for me.Another question is :How to execute a sql statement state by a variable "@sqlPlan" andinsert the result to a table "@FeatRequestStatus"?I am a new hand of sql programming.Thank you very much for your help
I have noticed that some folks create a user to own a schema, with both having the same name (ex: userowner = pfm schema = pfm) and others make dbo the owner for all their schemas. From what I can tell, it doesn't really matter; what does matter is if your database users are granted access to the schema. Since most users only have public rights and dbo has database owner rights, is there any particular reasoning to use one scenario over the other?
I am setting up a database for the first time using SQL Server Express.
I have managed to create a database and create a table with data etc, all straight forward.
The problem I am having is when I come to creating a user for the database. I have the following users in there already, which I am guessing are put in by default:
dbo
guest
INFORMATION_SCHEMA
sys
When I try creating a new user via this screen I get the following error:
TITLE: Microsoft SQL Server Management Studio Express ------------------------------
Create failed for User 'growstudiouser'. (Microsoft.SqlServer.Express.Smo)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=9.00.3042.00&EvtSrc=Microsoft.SqlServer.Management.Smo.ExceptionTemplates.FailedOperationExceptionText&EvtID=Create+User&LinkId=20476
An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.Express.ConnectionInfo)
------------------------------
'growstudio' is not a valid login or you do not have permission. (Microsoft SQL Server, Error: 15007)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=09.00.1399&EvtSrc=MSSQLServer&EvtID=15007&LinkId=20476
------------------------------
I was wondering if anybody could advise me as to what I'm doing wrong. I am typing in the name as "growstudiouser" and the login name as "growstudio".
Or am I just using the wrong section to do what I want. I'm trying to create a user so that when the database is built I can connect to it using a username and password that I have created. I'm not sure I'm taking to the correct route as there is no password option anywhere when creating a new user.
I'm running mssql 2005. And any stored procedure I create in the master database gets created as system procedures since recently. I have created procs in the master database as user procs previously. As sp_MS_upd_sysobj_category is not supported in mssql 2005, does anyone know why this is happening.. or how I can rectify it??
Hi all, I'm trying to create a new user and a new db for my website in ms sql server express. I'm creating a new user, but when I try to login, i receive this error:error 18456. I've activated both windows and sql server authenthication. Can anyone help me or give me a link in which is explained how to create a user e configure the access?Thank You!
I am using MS Access project as a frontend and MSDE 2000 as a backend database. I have few users and i want to give every one restricted access to database based on their use.
How can i create user accounts. I checked tools-->Security--> but workgroup admin option is not active. How to solve this puzzle
Hi,I just installed mySQL on MS NT 4.0 workstation and applied Service Pack6a. When trying to add a new user using the Control Center I get aninfo message that say that user was added but this is followed by anerror message that says:There is no such grant defined for user 'username' on host 'hostname'Does anyone know what is going on here?Please respond in email.Thanks,Paul
i login my remote sql server 2005 as 'sa' and then i try the following code:
use master
go
create login [user] with password [user123]
go
yes. that code created me a sql login 'user', but even before i grant any permission to any database, the login manage to acces database: master, tempdb, msdb and one of my application databases' tables and everythings. i like to know what is it i am doin wrong and what are the default access when creating a login, and is it becoz of any configuration in my server ?
any suggestion or answer will be appreciated. thanks
How do I create a user that has full access to a database using only SQL statements?
I've create very basic database called "sampledb".
Then I've done:
CREATE LOGIN sampleuser WITH PASSWORD = '123sampleuser', DEFAULT_DATABASE = sampledb; USE sampledb; CREATE sampleuser FOR LOGIN sampleuser WITH DEFAULT_SCHEMA = 'db_owner';
Then I logon to SQL server express 2005 management studio using this user, first of all I do not see the sampledb database listed under "databases" even though it is selected in the "available databases" toolbar (how do I list it there? Because going through "attach..." tells me I do not have the privileges to browse for the database to attach).
I then open up a new query (sampledb is selected), and type (products is one of the table in sampledb): select * from products;
And I get:
Msg 229, Level 14, State 5, Line 1
The SELECT permission was denied on the object 'Products', database 'sampledb', schema 'dbo'.
Shouldn't the chosen schema (db_owner) give me the right to do this? And how do I fix this from the query window (without going through the GUI, just using SQL statements)? And how do I list sampledb under the databases when I log in as this user?
