SQL Server 2k Security Setup On Application Server

Apr 13, 2004

Hi all

If i wanted to set up my SQL Server DB to run in an Application Server environment (i.e. clients connecting to a remote server)
would i be required to give every user a WINDOWS SERVER logon as well as a SQL Server logon or would i only need to setup just a SQL Server logon for them?
(obviously using SQL Server Security opposed to NT Integrated Security)

Thanks in advance for any help

View 3 Replies


ADVERTISEMENT

SQL Server Security Setup For Web Application Access

Jun 6, 2007

All:

I am writing an Internet/Extranet based (ASP.Net 2.0) web application that uses SQL server 2005 as the database. I am using forms authentication on my web application. I am also storing the connection string to SQL server in my web config file. The conn string is encrypted using DPAPI with entropy. I currently have created a SQL login account on my SQL server for use by the web application. This is the user ID I am using in my conn string. The reason for this is because all persons using the application will NOT have a windows login.

Here is my question: The login I created currently has defaulted to the "dbo" role and therefore has "dbo" rights to the database. I want to setup up this login account so that all it can do is execute stored procedures. I dont want this SQL login to be able to do anything else. In my application I am using stored procedures for ALL data access functions, via a data access layer in my application. Can someone guide me step by step as to how to setup this type of access for this SQL login.

Thanks,

Blue.

View 1 Replies View Related

SQL Server 2005 Security Setup For ASP.Net Web Application Data Access - HELP!

Nov 17, 2007



Here is my situation: I am creating a database driven ASP.Net web application that will be used over the internet. My ASP.Net application connects to my SQL server 2005 database/server by using a SQL server login. I am using the DPAPI API to encrypt my connection stings with a hidden entropy value for extra security. I am using the SQL login for obvious reasons, as my users will not have a windows login.

What I am trying to do: I want to limit this SQL login account to be able to just run/execute stored procedures and NOT access the tables or views directly. In my ASP.Net application I am using the MS applications data block, and I am using stored procedures for every single database access action. There is no inline SQL being executed from my web application.

What I have tried so far:


I created a new schema and made the above SQL login account owner of this schema. I then granted "Execute" permissions to the SQL login and DENY permissions to all other permissions.

I created an database role with "Execute" only permissions and DENY permissions to all other permissions.

What Happened: In BOTH of the above scenarios I tested a direct SQL statement against one of my tables, from my ASP.Net application and I was able retrieve data back, NOT GOOD, exactly what I am trying to STOP.

If someone could give me (Step-by-Step) guide on how to setup the situation I am looking for, I would be very grateful!


Thanks to all that help!

View 13 Replies View Related

ASP.Net 2.0 Application Connection To SQL Server 2005 - Setup Questions

Jun 5, 2007

All:
 I am writing an Internet/Extranet based (ASP.Net 2.0) web application that uses SQL server 2005 as the database. I am using forms authentication on my web application. I am also storing the connection string to SQL server in my web config file. The conn string is encrypted using DPAPI with entropy. I currently have created a SQL login account on my SQL server for use by the web application. This is the user ID I am using in my conn string. The reason for this is because all persons using the application will NOT have a windows login.
Here is my question: The login I created currently has defaulted to the "dbo" role and therefore has "dbo" rights to the database. I want to setup up this login account so that all it can do is execute stored procedures. I dont want this SQL login to be able to do anything else. In my application I am using stored procedures for ALL data access functions, via a data access layer in my application. Can someone guide me step by step as to how to setup this type of access for this SQL login.
 Thanks,
Blue.

View 4 Replies View Related

SQL Server Setup Failed To Modify Security Permissions

Feb 19, 2007

Last night at home on my 64 bit Vista machine, I encountered the same error 29506 that said that the management studio express could not be installed.  I looked up the error message and below is what I received.  I also installed the 64 bit .net framework which installed just fine before trying to install the SSSME.

I followed the instructions below but this did not seem to make a difference.  However, I did not reboot after applying new permissions.  I have installed this software a few times now on 32 bit machines for both XP and RC1 Vista, and have not had a problem.  Last night, I did use the 64 bit version.  Also, there is no data file yet because after the install it rolls back, so I gave myself Full permissions on the SQL server directory which should include all sub directories, right?  Thanks, Teri
Error 29506.
SQL Server Setup failed to modify security permissions on file Drive:Program FilesMicrosoft SQL ServerMSSQL.xMSSQLData for user SYSTEM. To proceed, verify that the account and domain running SQL Server Setup exist, that the account running SQL Server Setup has administrator privileges, and that exists on the destination drive.

Note A SQL Server service pack refers to SQL Server 2005 Service Pack 1 (SP1) and later service packs.
CAUSE
This problem occurs because one or more data files exist that do not have the required permissions. By default, the Full Control permission of the Administrators group is granted to the data file when you create a database. If the permission of this group is removed from the data file, the SQL Server 2005 service pack setup will fail.
RESOLUTION
To resolve this problem, grant the Full Control permission to the Administrators group on all data files and on the Data folder. To grant the Full Control permission to the data files, follow these steps:



1.
Locate the folder that contains the data files. By default, these files are located in the following folder:
C:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLData

2.
Right-click the data file that has no required permissions for the Administrators group, and then click Properties.

3.
If the Administrators group is not in the Group or user names list, click Add, type Administrators, and then click OK.

4.
Click Administrators in the Group or user names list, and then click to select the Allow check box for the Full Control item in the Permissions for Administrators list.Note If the files in the Data folder have an orphan owner, you have to take ownership of the files and then grant the Full Control permission to the files. We recommend that you do not change the default permissions for the data files.

View 5 Replies View Related

Error 29506. SQL Server Setup Failed To Modify Security Permissions

Aug 15, 2007

Received the following error while installing SP2

MSI (s) (D8!A0) [21:07:09:062]: Product: Microsoft SQL Server 2005 -- Error 29506. SQL Server Setup failed to modify security permissions on file C:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLData for user Administrator. To proceed, verify that the account and domain running SQL Server Setup exist, that the account running SQL Server Setup has administrator privileges, and that exists on the destination drive.

Tried running install with a domain account and local account with same results.

Based on the error message, I checked permission on the drive and still received the same error.

Followed resolution based on KB 916766, this did not resolve the error.

Only possible resolution I found was to disable UAP, reboot and retry the install. This will be done as a last resort, but any other suggestion will be appreciated.


Many Thanks

View 3 Replies View Related

Can Not Setup SQL Server 2005, Progress Stops At 'setting File Security'

Jun 8, 2007

Dear Helpers,



I can not setup SQL server 2005 express and the full trial version as well.



The setup progress stops at "setting file security", and nothing happens. I dont even get an error message.



This is very annoying. I have local administrator access, so it should work. Op system: Windows XP professional.

Machine: Hp Compaq dc7700p, 1 GB RAM, 80 GB HDD



Thanks for your help in advance.

View 5 Replies View Related

Setup Of Security / Integrated Win Security On Vista

Jul 6, 2007

I have Sql Server Express installed on Vista (service pack 2)

I have Visual Studio 2005 with an application that I'm trying to access it with within a WCF service.



The login ID of the service is added to the database.

The database has remote access turned on.

The ID is granted access to all databases within the server.

The thread is being set with WindowsProvider and the services set their thread to WindowsProvider.

The dataserver is set with using Windows Authentication for security.



When I open my connection to the database, though, it reports the typically useless message that the connection is not allowed and that the server may not allow remote connections.



How to I get past this? I've done everything right.

View 1 Replies View Related

Setup And Upgrade :: One Machine 6 IPs - How To Setup DNS For Server

Apr 24, 2015

I am running a number of SQL instances on my PC. Within the network, I have think server with various System Center components. For compatibility reasons, some features of System Center 2012 R2 had to be delegated to different SQL databases. My question is, because there is now more than one IP address on my system, and each instance of SQL is assigned to its own IP, is there a way to setup DNS and SQL so the namespace points to the desired IP address? For Instance:

MSSQL2008 instance is set to run on = 11.12.13.1
MSSQL2012 is set to run on = 11.12.13.2
IN DNS:
A Record: Mike-PC = 11.12.13.1
A Record: Mike-PC = 11.12.13.2

If I want to use MSSQL2008 by specifying Mike-PC as the DNS name, how would I do that with 100% accuracy? If there is another way to get the job done, I am more than willing to approach this differently.

View 3 Replies View Related

Security Setup

Dec 16, 1999

We are working on a new Payroll server. Our payroll department wants to lock out MIS and SQL Admins as much as possible. What we would like to do is allow the SQL Admins to still perform admin tasks such as backups, audit tracking, etc, while not being able to get into the tables. Also, we would prefer to do this security at the database level, rather than the server level. Any thoughts on this?

Tim Davis

View 3 Replies View Related

Can't Connect .Net Application From Windows Server 2003 To Database Server (SQL Server 2000)

Apr 3, 2008

Hi,
I am having a problem connecting my .net applications from the application server to the database server. When I run the application from my windows xp (sp2) box it works fine. When I try to connect via SQL Management Studio to the database server from the application server I get the same error.
Here is the error:
System.Data.SqlClient.SqlException: An error has occurred while establishing a connection to the server.  When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)
 Here is the Environment:
App Server:
Windows Server 2003 Standard Edition
Inside Company's Firewall/ Network
Database Server:
Windows Server 2000 Advanced Edition
SQL Server 2000 SP4
Remote Connections to the Server is checked
Enable Protocols: Named Pipes & TCP/IP
TCP/IP Port: 1402 (I don't know why it isn't the default of 1433)
The db server is sitting out side the Company's firewall (don't ask me why). I can access it fine from inside the firewall on my XP box but not from windows server 2003. There is a web server outside the our network that also connects to the db server with no problem and that is running Windows Server 2003 Web Edition.
I can ping the db server from the app server using the IP address.
I tried using the IP address and the port 1402 in my connection string but that didn't work from any machine (XP and Server).
I imagine the issue is somehow related to the company's firewall but why would it only block Windows Server 2003 and not XP?
What do I tell the network admin to change?
Any help would be appreciated.
Thanks,
Oran
 

View 4 Replies View Related

Setup.exe Is Not A Valid Win32 Application

Jun 29, 2007

Hi,



i'm trying to install MS SQL 2005 Enterprise Evaluation Edition, on my Win XP Pro SP2 (Intel Centrino 1.73Ghz, 1GB RAM)... i have downloaded the self-extractable file (SQLEVALX64.EXE) from MS website... After extracting this file to a folder and clicking on "setup.exe" - resulting in "setup.exe is not a valid Win32 application" error message...



What wrong in my installation...



Cheers

Venu





View 1 Replies View Related

Reports Security Setup...

Nov 29, 2007



We are using SQL 2005 / Windows Server 2003 / Sharepoint portal.

Our reports are used through Sharepoint. I have added a web part which displays the folders. There are several reports within each of the folders. Users that have access to the Sharepoint site have access to all of the reports that are available in all of the folders. I would like to control folder access through SSRS.

What is the best way for me to accomplish this?

Thanks in advance.

View 1 Replies View Related

DB Security Vs. Application

Feb 3, 2004

We are rolling out mssqlxpress to our development staff and would prefer to alter their permissions so that they can only make changes using mssqlxpress (since it integrates nicely with VSS).

So are choices are to uninstall SQL Enterprise Manager and SQL Query Analyzer, or more preferably, alter their NT Permissions so that they do not have the capability to change anything in the DB's.

My concern is that it seems we can only set their permissions from DB level and not the application, does that sound correct? Has anyone else had to deal with this predicament and is there an alternative to uninstalling the SQL Client tools?

View 1 Replies View Related

Web Service Setup And Database Security

Sep 18, 2007

Hello,

We have vendor that is implementing an employee self serve application for current and potential employees (employment applications). There is a web server in our DMZ that has the application installed but also on the server is a SQL database that has names and social security numbers. This server will also query the backend accounting server for earnings statements and W2s. We have a Cisco ASA as the firewall and SSL to protect client authentication from the Internet. There is no SSL between the web server and the accounting server. The fact that the SQL database on the web server containing SSN associated with names concerns me. It seems that none of this information is masked or encrypted and can be seen if the server was to ever be compromised.

My idea of such a service involves a web server that queries the backend database over SSL and presents the information to the user over SSL. No personally identifiable information would be resident on the web server at all, just a facade. That is not the case and it is not what we described to them as to what we want.

It seems they have installed it the only way they know how which is not secure, or maybe it is, that's why I am here. They have installed this at numerous locations and they actually wanted any and all ports open between the web server and the backend accounting server. It took us a while to get them to follow the rule of least privilege but we essentially had to do it ourselves.

Also on our main webserver for our Internet site I found the test database they used almost 2 years ago to test this application along with names and SSN. This was before I arrived and there is no encryption or authentication for this server. Is this good secure practice? All my training says no but it is hard to believe a mutli-million dollar organization is this ignorant. I guess it shouldn't surprise me, TJX didn't pay attention either.

I saw this thread which provide some good information but I am not a database admin and I am not familiar with SQL services, etc.

My questions are: Is their implementation secure? Does anyone know where I can find more info regarding web services and HIPAA? I read where 2 firewalls are required but would like documentation to show. Any suggestions on how to implement this securely?

Thanks for the help,

Mike

View 3 Replies View Related

Security- Application Roles

Jul 17, 2000

We are looking to make our applications as secure as possible. I am interested in how well Application Roles work to make security tighter.

Have you used Application Roles. If you have, I'd like to know if it helped provide better security or not and if it did, how was it implmented in you production environment. I already know how to get it set up, I'm just wondering if it's really worth the trouble.

Thanks!

View 2 Replies View Related

Designing Security In An Application

Apr 24, 2008

With my next application, I'm thinking about establishing a new security paradigm for my programs, with respect to SQL Server.

In all my previous applications, connections are established using SQL Server authentication. So, all my users may log-in under a single log-in, mapping to a single user in a database. My application then has to use its own security arrangement to determine who has access to what forms within the application. There are three major problems with this design: 1) the user name and password to connect to the SQL server have to be resident as strings somewhere in the application code (or ancillary files), 2) everyone connecting to the SQL Server "looks" the same, and 3) you have to give the broadest rights to everyone with the same login and then pare those rights down within the application itself.

By implementing multiple SQL Server Authentication logins I can mitigate problems 2) and 3), but the only way to eliminate problem 1) is to move to Windows Authentication.

Windows Authentication would allow me to resolve all three design constraints, but there is one problem that I see coming as a result.

If I use Windows Authentication, each user must have an independent login to the SQL Server. If I have an application that may have 4,000 to 6,000 users, does that means I have to have 4,000 to 6,000 logins set up on SQL Server?

Is that true?

I could, of course, generate a script to build all 4,000 to 6,000 users, but I am concerned about this.

Is this a "normal" arrangement that SQL Server has no problem-with?

View 8 Replies View Related

Yet Another Question On Application Security....

Sep 29, 2006

Ok, i have read a few articles regarding application security and it sems to me the Microsoft just doesn't get it.

As others have posted, Vendor packages are not normally controlled by the IT staff... they do what they do. When an application is used for mission critical data, it becomes important to lock down that data as best as it can be under the limits of that application. Yet what is often lacking in a vendor package is thought about what opening up the database means.

We are using a Vendor package that does not allow for application security to be set. In other words, it uses windows authentication to grant Database access. As many others here have noted, this opens the database to manipulation via any other tool the user has at their disposal.

It seems that the general reply here is that we should get the vendor to change their package to allow for Application level security. Good Luck!

I am not a DBA (must be obvious at this point) and i do not know all the what's up and coming, but generally as a system support person, i must deal within the environment i am given. Here's what I see as the environment I am working under, the problem and the preferred solution.

Application only allows windows authentication.

The users must be allowed full access to the database in order for the application to perform updates as needed.

Security to specific data by company is controlled within the application to determine what a specific user can change.

Granting security to a user ID allows them to access and change data at will through an alternate product (E.G. Enterprise manager, MS Access etc.) without regards to the security built in to the application.

SQL Server knows what ID is requesting data and knows what application is generating the request (I have seen screen prints of the list of who is logged into the database and right alongside the UserID is the Apllication Name).

If SQL server knows these two bits of info, why is it so difficult to allow SQL server to append the Application name onto the user ID and allow access to the DB only via this combination? The permissions can be set up with some combination of UserID/Application name and no special security, no messing with special application passwords/aliases, no pleading with Vendors to make changes and best of all.... satisfying SEC rules for locking down DBs.

Am i missing something? Does anyone know how i can accomplish this simple task without stressing out the DBAs?

Thanks for all your help and creative ideas!

Rob

View 21 Replies View Related

Security For Application Role

Sep 4, 2007

We have an application use Approle to read from database. If the client login to windows as administrator or a name that has the administrator rights, the application can get all data. If the client login to windows as a domain user that has limited rights, the application can't get all data.
I run profiler and found that it seems, when application use approle to access a database, the login name is the domain user that log into windows. Is there anybody know what type of right the window login name should have in order to get all data from a database?

Second question, when I log in to window as domainusername( username is not administrator, but has administrator rights). In the profiler, I can see the application use this domainusername access database. However, under sql server login node, I didn't find domainusername. Is this because, the domainusername belongs to buildinadministrator?

Thanks

View 1 Replies View Related

The Database Isn't Working With The Setup Based Deployment Of The Application

Dec 28, 2006

 

I deployed my application to my newly installed xp pro laptop

The prerequisites are installed

Now  that I want to testdrive my database application I get this error:

An attempt to attach an auto-named database file c:/program files........................MyDB.mdf failed. A database with the same name exists, or specified file can not be opened, or it is located on UNC share.

This is what I read in my app.config file;

<connectionStrings>

<add name="MasterDetail.My.MySettings.MyDBConnectionString" connectionString="Data Source=.SQLEXPRESS;AttachDbFilename=|DataDirectory|MyDB.mdf;Integrated Security=True;User Instance=True"

providerName="System.Data.SqlClient" />

</connectionStrings>

What could I be doing wrong? If there is need for additional information you have to tell me

Thanks, Richard

Richard

View 2 Replies View Related

Why SQL 2005 Express Setup Need To Close Application Before Continuing?

Mar 6, 2008



I install SQL Express from my application with Process.Start().
But the installation tells me that i have to close my application.

"The following application should be closed before continuing...."

Why ? What is checked by setup?

View 1 Replies View Related

Setup And Upgrade :: Cannot Find One Or More Components - Reinstall The Application

Nov 1, 2015

SSMS is fail and show this ERROR : "Cannot find one or more components.  Please reinstall the application."

What Can i do?

View 4 Replies View Related

Setup Failing Due To Security Issue With WMI Namespace

Nov 16, 2006

I'm installing SQL Server Express SP1 on a new Windows XP Pro SP2 laptop that is part of a corporate network. The last item in the Setup Progress dialog box says:

Workstation Components, Books Online and Development Tools....Setup failed. Refer to log file.

C:Program FilesMicrosoft SQL Server90Setup BootstrapLOGSummary.txt looks fine except for the last few lines:

--------------------------------------------------------------------------------
Machine : ROVER
Product : Microsoft SQL Server 2005 Tools
Product Version : 9.1.2047.00
Install : Failed
Log File : c:Program FilesMicrosoft SQL Server90Setup BootstrapLOGFilesSQLSetup0004_ROVER_Tools.log
Last Action : InstallFinalize
Error String : SQL Server Setup failed to modify security permissions on WMI namespace \.
ootMicrosoftSqlServerComputerManagement. To proceed, verify that the account and domain running SQL Server Setup exist, that the account running SQL Server Setup has administrator privileges, and that the WMI namespace exists on the destination drive.
Error Number : 29516


Is this a common error when installing on a PC that is part of a corporate network? I didn't dig too far into SQLSetup0004_ROVER_Tools.log; however, it contains a few references to "SOFTWARE RESTRICTION POLICY".

Other than this error, SQL Server Express seems to be working ok. Is this anything to be concerned about?

View 3 Replies View Related

Application && Database Security Consultant

Dec 2, 2005

Looking for a consultant with solid experience in application anddatabase security for a project in the GTA.CONTACT---------------------------------------------------Please send your resume to:Join Bytes!

View 1 Replies View Related

Application Login And Integrated Security

Aug 8, 2007

Hello,

We're having a bit of a problem getting Integrated Security to work with a .Net 2.0 application and SQL 2005. While we're tweaking permissions on the SQL-side, we came across an account "Application Login" and wondered what its role is. First, our problem:

Currently, the users in the AD group get a connection error. This group is defined as follows at the instance level:

role: public
user mapping: to the database without any default schema
securables: none
status: grant and enabled

At the database security level:

general: none
securables: execute on all (100+) stored procedures

And we gave them "Execute" on the database itself.

A little background: we had detached and copied this database from one server to another. So we suspect that the Application Login may have been modified/corrupted, even though it appears to be identical between the original and the copied databases. So we redefined it on the copied DB to match the original.
Another group, which is defined as dbo on the database, has no problem at all connecting and running the application.

The Application Login has Execute permissions on all stored procedures and Delete, Insert, Select, Update, and View Definition on the ChangeLog table. It also has db_DataReader, db_DataWriter, and db_ddlAdmin roles associated with it.

Is there another SQL login required for initial connection to the database even though Integrated Security=SSPI is used in the connection string?

Does anyone see where we may be missing a security setting for the non-dbo user group to connect to the database?

Thanks very much for any suggestions, ideas ....
Cheers,
Tess

View 1 Replies View Related

DB Engine :: How Security Log Is Much Secure Than Application Log

Sep 17, 2015

SQL Server 2008 R2: How security log is much secure than application log?

View 3 Replies View Related

Setup And Upgrade :: No Mapping Between Account Names And Security ADs Was Done

Aug 26, 2015

Our software vendor rep is trying to upgrade MS SQL server 2008 SP4 to 2012 SP1. Get an error message: no mapping between account names and security ADs was done. He says that we get this error message because we have two domain controllers in our network, and one is running on the same windows server that run sql server. Out IT support disagrees to delete the second domain controller, saying it is recommended by Microsoft and he suggests that the problem is in Active directory.

View 2 Replies View Related

SQL Security :: User Login Failed For Web Application

Nov 19, 2015

We have a Web application that requires user authentication.  We have a Login Page for user's to login and be authenticated.  We also manage the user accounts using SQL Server Membership Provider.  We created aLogin user in SQL Server and used this user's privileges to connect to SQL Server in our website's connection strings.  Example, in our Web.config file, the connection string is:

<connectionStrings>
  <addname="MyConnectionString"connectionString="Server=MYSERVERNAMESQLSERVER2012;Initial
Catalog=MyDatabase;User Id=TUser;Password=MyPassword"providerName="System.Data.SqlClient"/>
</connectionStrings>

The problem now is when a user logs in, it's throwing an error that TUser's password has already expired.  We did not enforce the password policy and expiration date for this user.  So, I'm wondering why it's giving me this error.

View 2 Replies View Related

How To Setup User Security For Reporting Services Used Inside ASP.NET Web Applications?

Dec 13, 2007

I'm working on a project that requires integration of SQL Server Reporting Services with ASP.NET 3.0 Web Applications.
I'm working on Visual Studio 2005, with SQL Server 2005 on an XP development workstation.
SQL Server, Reporting Services, and IIS are all running on my local machine.

I'm trying to prototype two approaches, one using the Report Viewer control, and the second using the Reporting Services Web Service. I have the two examples setup in projects in Visual Studio.
The sample reports and data sources work fine in Visual Studio. I can access the report using the Reporting Services URL like this: http://localhost/Reports/Pages/Report.aspx?ItemPath=%2fBTT_BDS_DEV%2fCustomers; Report works fine.

My problem is, that when I try and access the report using the Report Viewer inside an ASP.NET page or from the Web Serivce hooked up inside an ASP.NET Page I get a security errors. I have chosen Windows Security for the Datasource, and ASP.NET pages. In the case of the Web Service, I'm passing in my local domain user name as the credentials.

I'm prototyping this on my local workstation, but I need to design this to be used on our corporate Intranet using Windows Security.

My questions are:

1. How do I need to setup users on my local development workstation to get this to work.
2. How should I plan for user security for enterprise deployment, i.e. using Reporting Services inside a large ASP.NET Web Application?
3. Can anybody give me some links to some good developer type working examples of doing this. I've looked but have not found the answers
to the "how do I setup users" part of the question specifcally related to ASP.NET apps?

Below is the code example of the Web Services example app I'm working with which came out of a book I have on
Reporting Services. This example compiles and seems like it would work but doesn't. Also following are a few of the
error messages I get when experimenting with the example apps:

Errors:

1. The permissions granted to user 'LocalMachineNameASPNET' are insufficient for performing this operation. (rsAccessDenied)

2. System.Web.Services.Protocols.SoapException was unhandled by user code
Message="System.Web.Services.Protocols.SoapException: The permissions granted to user 'LocalMachineName\ASPNET' are insufficient for performing this operation. ---> Microsoft.ReportingServices.Diagnostics.Utilities.AccessDeniedException: The permissions granted to user 'WCRBUSCNC2830B\ASPNET' are insufficient for performing this operation. at Microsoft.ReportingServices.Library.RSService._GetReportParameterDefinitionFromCatalog(CatalogItemContext reportContext, String historyID, Boolean forRendering, Guid& reportID, Int32& executionOption, String& savedParametersXml, ReportSnapshot& compiledDefinition, ReportSnapshot& snapshotData, Guid& linkID, DateTime& historyOrSnapshotDate, Byte[]& secDesc) at Microsoft.ReportingServices.Library.GetDataForExecutionAction._GetDataForExecution(CatalogItemContext reportContext, ClientRequest session, String historyID, DataSourcePromptCollection& prompts, ExecutionSettingEnum& execSetting, DateTime& snapshotExecutionDate, ReportSnapshot& snapshotData, Int32& pageCount, Boolean& hasDocMap, PageSettings& reportPageSettings) at Microsoft.ReportingServices.Library.GetDataForExecutionAction.ExecuteStep(CatalogItemContext reportContext, ClientRequest session, DataSourcePromptCollection& prompts, ExecutionSettingEnum& execSetting, DateTime& executionDateTime, ReportSnapshot& snapshotData, Int32& pageCount, Boolean& hasDocMap, PageSettings& reportPageSettings) at Microsoft.ReportingServices.Library.CreateNewSessionAction.Save() at Microsoft.ReportingServices.WebServer.ReportExecution2005Impl.LoadReport(String Report, String HistoryID, ExecutionInfo& executionInfo) --- End of inner exception stack trace --- at Microsoft.ReportingServices.WebServer.ReportExecution2005Impl.LoadReport(String Report, String HistoryID, ExecutionInfo& executionInfo) at Microsoft.ReportingServices.WebServer.ReportExecutionService.LoadReport(String Report, String HistoryID, ExecutionInfo& executionInfo)"
Source="System.Web.Services"
Actor="http://localhost/ReportServer/ReportExecution2005.asmx"
Lang=""
Node="http://localhost/ReportServer/ReportExecution2005.asmx"
Role=""
StackTrace:
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at WebReportTester.localhost.ReportExecutionService.LoadReport(String Report, String HistoryID) in C:Documents and SettingsconbcxMy DocumentsVisual Studio 2005ProjectsBTT_BDS_DEVWebReportTesterWeb ReferenceslocalhostReference.cs:line 242
at WebReportTester._Default.btnExecuteReport_Click(Object sender, EventArgs e) in C:Documents and SettingsconbcxMy DocumentsVisual Studio 2005ProjectsBTT_BDS_DEVWebReportTesterDefault.aspx.cs:line 82
at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
at System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

Web Service Code Example:

protected void btnExecuteReport_Click(object sender, EventArgs e)
{
byte[] report;

//Create an instance of the Reporting Services Web Reference
localhost.ReportExecutionService rsv = new localhost.ReportExecutionService();

//Create the credentials that will be used when accessing Reporting Services
//This must be a logon that has rights to the Customers Report
rsv.Credentials = System.Net.CredentialCache.DefaultCredentials;
rsv.PreAuthenticate = true;

//The Reporting Services virtual path to the report.
string reportPath = @"/ReportFolder/Customers";

//The rendering format for the report
string reportFormat = "HTML4.0";

//The devInfo string tells the report viewer how to display with the report
StringBuilder deviceInfoBuilder = new StringBuilder();
deviceInfoBuilder.Append(@"<DeviceInfo>");
deviceInfoBuilder.Append(@"<Toolbar>");
deviceInfoBuilder.Append(@"False");
deviceInfoBuilder.Append(@"</Toolbar>");
deviceInfoBuilder.Append(@"<Parameters>");
deviceInfoBuilder.Append(@"False");
deviceInfoBuilder.Append(@"</Parameters>");
deviceInfoBuilder.Append(@"<DocMap>");
deviceInfoBuilder.Append(@"True");
deviceInfoBuilder.Append(@"</DocMap>");
deviceInfoBuilder.Append(@"<Zoom>");
deviceInfoBuilder.Append(@"100");
deviceInfoBuilder.Append(@"</Zoom>");
deviceInfoBuilder.Append(@"</DeviceInfo>");

string deviceInfo = deviceInfoBuilder.ToString();

//Create an array of the values for the report parameters
localhost.ParameterValue[] parameters = new localhost.ParameterValue[1];
localhost.ParameterValue parameterValue = new localhost.ParameterValue();
parameterValue.Name = "@WTRKCustomerCode";
parameterValue.Value = "B34186";
parameters[0] = parameterValue;

//Create variables for the remainder of the parameters
string historyId = string.Empty;
string credentials = string.Empty;
string showHideToggle = string.Empty;
string extension = string.Empty;
string mimeType = string.Empty;
string encoding = string.Empty;
localhost.Warning[] warnings;
localhost.ParameterValue[] reportHistoryParameters;
string[] streamIds;

localhost.ExecutionInfo execInfo = new WebReportTester.localhost.ExecutionInfo();
localhost.ExecutionHeader execHeader = new WebReportTester.localhost.ExecutionHeader();
rsv.ExecutionHeaderValue = execHeader;

execInfo = rsv.LoadReport(reportPath, null);
rsv.SetExecutionParameters(parameters, "en-us");

try
{
//Execute the Report
report = rsv.Render(reportFormat, deviceInfo, out extension, out mimeType, out encoding, out warnings, out streamIds);

//Flush the pending response
Response.Clear();

//Set the HTTP Headers for a PDF response.
HttpContext.Current.Response.ClearHeaders();
HttpContext.Current.Response.ClearContent();
HttpContext.Current.Response.ContentType = "text/html";

//Filename is the default filename displayed
//if the user does a save as.
HttpContext.Current.Response.AppendHeader("Content-Disposition", "Customers.htm");

//Send the byte array containing the report as a binary response.
HttpContext.Current.Response.BinaryWrite(report);
HttpContext.Current.Response.End();

}
catch (Exception ex)
{
if(ex.Message != "Thread was being aborted.")
{
HttpContext.Current.Response.ClearHeaders();
HttpContext.Current.Response.ClearContent();
HttpContext.Current.Response.ContentType = "text/html";

StringBuilder errorMessageBuilder = new StringBuilder();
errorMessageBuilder.Append(@"<HTML>");
errorMessageBuilder.Append(@"<BODY>");
errorMessageBuilder.Append(@"<H1>");
errorMessageBuilder.Append(@"Error");
errorMessageBuilder.Append(@"</H1>");
errorMessageBuilder.Append(@"<BR>");
errorMessageBuilder.Append(@"<BR>");
errorMessageBuilder.Append(ex.Message);
errorMessageBuilder.Append(@"</BODY>");
errorMessageBuilder.Append(@"</HTML>");

string errorMessage = errorMessageBuilder.ToString();

HttpContext.Current.Response.Write(@errorMessage);
HttpContext.Current.Response.End();

}
}

}



Any direction here related to best practices on setting up users for code use with
ASP.NET applications would be greatly appreciated...

Thanks in advance...

View 8 Replies View Related

Fail To Install SQL Server 2005 (Clustering): SQL Server Setup Was Unable Add User

Oct 24, 2007

Hello all,

I have tried to install SQL Server 2005 Standard edition with CLUSTERING. I faced a problem and everything rolls back.

TITLE: Microsoft SQL Server 2005 Setup
------------------------------

SQL Server Setup was unable add user domain1xyz to local group domain1IT Security Admin-Group.

For help, click: http://go.microsoft.com/fwlink?LinkID=20476&ProdName=Microsoft+SQL+Server&ProdVer=9.00.1399.06&EvtSrc=setup.rll&EvtID=29512&EvtType=sqlca%5csqlsecurityca.cpp%40Do_sqlGroupMember%40Do_sqlGroupMember%40x6ba

I have refered to PostI=1659185 posted by Fly and it still won't be able to fix my problem.

I have added LOCAL SERVICE into the local group (SQLServer2005MSFTEUser$AAA$MSSQLSERVER), but it still can't work.

Please can someone help me on this. Thank a lot....

View 6 Replies View Related

How To Setup A Backup Server For SQL Server2005 For Production (in Case The Primary Server Fails)

Aug 1, 2007

I currently have a SQL Server cluster setup with a Primary DB Server SERVER1 and the Standby server SERVER2. SERVER1 has been failing more than normal is the past few weeks and its takes upto 5 mins for SERVER2 realize that SERVER1 is down. I am looking for a better way to implement a backup server on production with minimum downtime. Please adivse..

View 1 Replies View Related

SQL Server 2005 Express Adv. SP2 Setup Fails To Install SQL Server Database Serices Only.

Mar 26, 2007

I run setup using GUI. It upgrades all components of the existing installation w/out any problems except the last component. That is, it proceeds with the installation of SQL Server Database Serices and at the end fails to shut down the SQL Server and aborts the installation reporting the following:

"Service 'Computer_NameSQLEXPRESS' could not be stopped. Verify that you have sufficient privileges to stop system services. The error code is (16386)".

I am running Windows XP SP2 with both .NET 2.0 and .NET 3.0 installed on it. I am logged in as a system administrator.

The most puzzling to me things are:

- the setup starts AND STOPS w/out any problems SQL Server Reporting Services and SQL Server VSS Writer (thus finding enough privileges for both).

- the setup starts the SQL Server w/out any problems (thus it finds enough privileges to START A SYSTEM SERVICE) and then fails as described above 'lucking privileges".

During installation before failing the setup displays following:

"Run as Normal User. RANU instance Shutdwon in progress: MSSQL$SQLEXPRESS". The "normal user" puzzles me too, unless the SQL Server itself is meant here.

Any suggestions would be appreciated. I can provide the installation log file as well.

Thanks.

View 5 Replies View Related

Any Books That Explain How To Setup Windows 2003 Server + SQL Server 2000?

Nov 24, 2004

My uncle runs a small networking company and has extra licenses for Windows 2003 Server as well as SQL Server 2000. Since I just graduated from college and have started working as a database programmer (for a different company) I'd like to setup a small server at home to learn more about SQL (as well as networking, but SQL is my primary concern). I know I can setup SQL Server 2000 on my main PC, but I'd still like to set everything up in a server environment.

So, what I'm wondering is if any books (or web sites?) exist that walk you through setting up Windows 2003 Server and SQL Server 2000. I've actually set these up before (it's not very complicated) but I'm not sure if I did it the "correct" way.

Ideally if any books exist on O'Reilly's Safari Bookshelf that would be even better.

Thanks in advance,
John

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved