I admit this not being C# specific but i don't know where else to start.
My application needs an "administra tor" user id. This would function
just like the "administra tor" user id in windows. The account is
built-in. The only thing that is configurable about the account is the
password.
What i don't know how to do is create an account like that. Is the user
id and pwd treated like all the other accounts? Stored in the DB? How
is special treatment given to that account? Should the user id be
hardcoded into the system?
Any documents or whatever that suggest a good way to approach this would
be greatly appreciated.
dan 4 3484
You need to create a user that is a member of the built-in system
"Administrators " group.
Dan Holmes wrote:
I admit this not being C# specific but i don't know where else to start.
My application needs an "administra tor" user id. This would function
just like the "administra tor" user id in windows. The account is
built-in. The only thing that is configurable about the account is the
password.
What i don't know how to do is create an account like that. Is the user
id and pwd treated like all the other accounts? Stored in the DB? How
is special treatment given to that account? Should the user id be
hardcoded into the system?
Any documents or whatever that suggest a good way to approach this would
be greatly appreciated.
dan
Dan Holmes wrote:
I admit this not being C# specific but i don't know where else to start.
My application needs an "administra tor" user id. This would function
just like the "administra tor" user id in windows. The account is
built-in. The only thing that is configurable about the account is the
password.
What i don't know how to do is create an account like that. Is the user
id and pwd treated like all the other accounts? Stored in the DB? How
is special treatment given to that account? Should the user id be
hardcoded into the system?
Any documents or whatever that suggest a good way to approach this would
be greatly appreciated.
dan
Hi Dan,
There are various approaches to what you are trying to accomplish, but
without anymore information about the security mechanisms you already
implement it's hard to suggest anything concrete.
From your post, I'm inferring that you already have some sort of
authentication system in place, for an application?
If this is the case, then can you provide any more information about what
you're doing, how you're doing it? If it's not, then are you looking for
an entire security implementation?
--
Hope this helps,
Tom Spink
Google first, ask later.
Tom Spink wrote:
>
Hi Dan,
....
>
From your post, I'm inferring that you already have some sort of
authentication system in place, for an application?
If this is the case, then can you provide any more information about what
you're doing, how you're doing it? If it's not, then are you looking for
an entire security implementation?
Yes, i have a security solution but i don't like the way that the admins
are handled. Right now any user with all rights is an admin. That
requires a manual SQL insert when the application is installed.
I currently have a table that holds user information and another table
that contains the things that the user is authorized to do. I can
provide more if you need it but didn't want to add too much.
What i am trying to do is not store a user in the DB named "admin" but i
also don't want code that looks like:
if (userID == "Admin") { /*do admin stuff*/ }
There must be a solution between those two extremes.
dan
Dan Holmes wrote:
Tom Spink wrote:
>> Hi Dan,
...
>> From your post, I'm inferring that you already have some sort of authenticati on system in place, for an application?
If this is the case, then can you provide any more information about what you're doing, how you're doing it? If it's not, then are you looking for an entire security implementation?
Yes, i have a security solution but i don't like the way that the admins
are handled. Right now any user with all rights is an admin. That
requires a manual SQL insert when the application is installed.
I currently have a table that holds user information and another table
that contains the things that the user is authorized to do. I can
provide more if you need it but didn't want to add too much.
What i am trying to do is not store a user in the DB named "admin" but i
also don't want code that looks like:
if (userID == "Admin") { /*do admin stuff*/ }
There must be a solution between those two extremes.
dan
Hi Dan,
Thanks for the extra information. At the simplest level, all I suggest is
adding a field to your users table, to specify whether or not that user has
admin rights, then when a privileged operation needs to happen, check the
value of that field. I assume you store somewhere the ID of the user
currently logged on; if you extend that to include the admin flag, then
whenever you need a privileged operation, you can check against that.
--
Hope this helps,
Tom Spink
Google first, ask later. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: John Davis |
last post by:
Anyone knows how to create the username/password authorization dialog in
ASP?
Thanks,
John
|
by: Lauren Quantrell |
last post by:
Is there a way to create a text file (such as a Windows Notepad file)
by using a trigger on a table? What I want to do is to send a row of
information to a table where the table: tblFileData has only one
column: txtOutput
I want to use the DB front end (MS Access) to send the text string to
the SQL backend, then have the SQL Server create a file to a path,
such as F:/myfiledate.txt that holds the text in txtOutput, then the
trigger...
|
by: Keith Jakobs, MCP |
last post by:
Greetings:
I had seen several posts around the Internet about this issue from a few
months back, but have been unable to find a resolution ...
I have a user who is trying to get started with Visual Studio.NET 2003. We
have uninstalled and reinstalled the Product.... then we did a complete
cleanout of development products, re-installed IIS, and reinstalled JUST
Visual Studio.NET 2003 with Framework 1.1 (no more 2002 edition or...
|
by: MLH |
last post by:
I was running the following code while logged
in as a user belonging only to the Users group.
Set usrNew = .CreateUser(Me!UserID) 'The user ID is in a
control on the form
usrNew.PID = "AAA123456789"
usrNew.Password = "password"
.Users.Append usrNew
|
by: John Bunch |
last post by:
I have installed Visual Studio 2005 Team Suite Beta 2, including SQL Server
2005 Express Edition April CTP, on Windows XP Professional SP2, including IIS
5.1. The SQL Server (SQLEXRPESS) service is running under the NT
AUTHORITY\NETWORK SERVICE account. This machine is named VSDev01WSWP01.
I am also running SQL Server 2000 on a Windows Server 2003 computer named
VSDev01SQL02. This computer contains my application's database, which I...
| |
by: Amjad |
last post by:
Hi,
I just wrote a test Windows Service that creates a text file on startup
(please see my code below). The file is never created.
Protected Overrides Sub OnStart(ByVal args() As String)
Dim swLog As StreamWriter = File.CreateText("C:\myLog.txt")
swLog.WriteLine("My Windows Service has just started.")
swLog.Close() : swLog.Flush()
End Sub
|
by: Michael |
last post by:
Hello,
I've created an ASP web page where users in our organization can create
Active Directory computer accounts.
The web page is running on a Server 2003 SP1 IIS 6 installation. The
Exchange System Manager is running on the web server and Exchange SP2 has
been installed.
The web page uses ADSI code to create a user, and then CDO code to create
|
by: Michael |
last post by:
Hello,
I've created an ASP web page where users in our organization can create
Active Directory computer accounts.
The web page is running on a Server 2003 SP1 IIS 6 installation. The
Exchange System Manager is running on the web server and Exchange SP2 has
been installed. The IIS site is configured with Basic Authentication and
users are prompted to enter their Active Directory credentials when
connecting to the site.
|
by: RAJSPY |
last post by:
Hi all,
I am trying to get an admin process started under a user account.
I want to start a process that can install programs under this user account.
Our company now has a full admin access for everyone to there computer. We want to downgrade this to an user account. The problem comes with installing own programs (Users may install what they want.). For distributed programs we have SMS.
So i want something like a install account that...
|
by: Big Charles |
last post by:
Hello,
Programming in VS2003-ASP.NET 1.1, I have this problem: Using
DirectoryEntry and without any admin user, how can I check if a domain
account, that try to login, has expired?
Scenario: User load web application and login using account and
password of the Active Directory.
But user account of ActiveDirectory has expired (or password could be
expired). For security reason, we don't want to use any account with
admin privilegies for...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
| |
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |