I admit this not being C# specific but i don't know where else to start.
My application needs an "administrator" user id. This would function
just like the "administrator" user id in windows. The account is
built-in. The only thing that is configurable about the account is the
password.
What i don't know how to do is create an account like that. Is the user
id and pwd treated like all the other accounts? Stored in the DB? How
is special treatment given to that account? Should the user id be
hardcoded into the system?
Any documents or whatever that suggest a good way to approach this would
be greatly appreciated.
dan
4  3455 
You need to create a user that is a member of the built-in system
"Administrators" group.
Dan Holmes wrote:
I admit this not being C# specific but i don't know where else to start.
My application needs an "administrator" user id. This would function
just like the "administrator" user id in windows. The account is
built-in. The only thing that is configurable about the account is the
password.
What i don't know how to do is create an account like that. Is the user
id and pwd treated like all the other accounts? Stored in the DB? How
is special treatment given to that account? Should the user id be
hardcoded into the system?
Any documents or whatever that suggest a good way to approach this would
be greatly appreciated.
dan
Dan Holmes wrote:
I admit this not being C# specific but i don't know where else to start.
My application needs an "administrator" user id. This would function
just like the "administrator" user id in windows. The account is
built-in. The only thing that is configurable about the account is the
password.
What i don't know how to do is create an account like that. Is the user
id and pwd treated like all the other accounts? Stored in the DB? How
is special treatment given to that account? Should the user id be
hardcoded into the system?
Any documents or whatever that suggest a good way to approach this would
be greatly appreciated.
dan
Hi Dan,
There are various approaches to what you are trying to accomplish, but
without anymore information about the security mechanisms you already
implement it's hard to suggest anything concrete.
From your post, I'm inferring that you already have some sort of
authentication system in place, for an application?
If this is the case, then can you provide any more information about what
you're doing, how you're doing it? If it's not, then are you looking for
an entire security implementation?
--
Hope this helps,
Tom Spink
Google first, ask later.
Tom Spink wrote:
>
Hi Dan,
....
>
From your post, I'm inferring that you already have some sort of
authentication system in place, for an application?
If this is the case, then can you provide any more information about what
you're doing, how you're doing it? If it's not, then are you looking for
an entire security implementation?
Yes, i have a security solution but i don't like the way that the admins
are handled. Right now any user with all rights is an admin. That
requires a manual SQL insert when the application is installed.
I currently have a table that holds user information and another table
that contains the things that the user is authorized to do. I can
provide more if you need it but didn't want to add too much.
What i am trying to do is not store a user in the DB named "admin" but i
also don't want code that looks like:
if (userID == "Admin") { /*do admin stuff*/ }
There must be a solution between those two extremes.
dan
Dan Holmes wrote:
Tom Spink wrote:
>>
Hi Dan,
...
>>
From your post, I'm inferring that you already have some sort of
authentication system in place, for an application?
If this is the case, then can you provide any more information about what
you're doing, how you're doing it? If it's not, then are you looking for
an entire security implementation?
Yes, i have a security solution but i don't like the way that the admins
are handled. Right now any user with all rights is an admin. That
requires a manual SQL insert when the application is installed.
I currently have a table that holds user information and another table
that contains the things that the user is authorized to do. I can
provide more if you need it but didn't want to add too much.
What i am trying to do is not store a user in the DB named "admin" but i
also don't want code that looks like:
if (userID == "Admin") { /*do admin stuff*/ }
There must be a solution between those two extremes.
dan
Hi Dan,
Thanks for the extra information. At the simplest level, all I suggest is
adding a field to your users table, to specify whether or not that user has
admin rights, then when a privileged operation needs to happen, check the
value of that field. I assume you store somewhere the ID of the user
currently logged on; if you extend that to include the admin flag, then
whenever you need a privileged operation, you can check against that.
--
Hope this helps,
Tom Spink
Google first, ask later. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: John Davis |
last post by:
Anyone knows how to create the username/password authorization dialog in
ASP?
Thanks,
John
|
by: Lauren Quantrell |
last post by:
Is there a way to create a text file (such as a Windows Notepad file)
by using a trigger on a table? What I want to do is to send a row of
information to a table where the table: tblFileData has...
|
by: Keith Jakobs, MCP |
last post by:
Greetings:
I had seen several posts around the Internet about this issue from a few
months back, but have been unable to find a resolution ...
I have a user who is trying to get started with...
|
by: MLH |
last post by:
I was running the following code while logged
in as a user belonging only to the Users group.
Set usrNew = .CreateUser(Me!UserID) 'The user ID is in a
control on the form
usrNew.PID =...
|
by: John Bunch |
last post by:
I have installed Visual Studio 2005 Team Suite Beta 2, including SQL Server
2005 Express Edition April CTP, on Windows XP Professional SP2, including IIS
5.1. The SQL Server (SQLEXRPESS) service...
|
by: Amjad |
last post by:
Hi,
I just wrote a test Windows Service that creates a text file on startup
(please see my code below). The file is never created.
Protected Overrides Sub OnStart(ByVal args() As String)
Dim...
|
by: Michael |
last post by:
Hello,
I've created an ASP web page where users in our organization can create
Active Directory computer accounts.
The web page is running on a Server 2003 SP1 IIS 6 installation. The...
|
by: Michael |
last post by:
Hello,
I've created an ASP web page where users in our organization can create
Active Directory computer accounts.
The web page is running on a Server 2003 SP1 IIS 6 installation. The...
|
by: RAJSPY |
last post by:
Hi all,
I am trying to get an admin process started under a user account.
I want to start a process that can install programs under this user account.
Our company now has a full admin access...
|
by: Big Charles |
last post by:
Hello,
Programming in VS2003-ASP.NET 1.1, I have this problem: Using
DirectoryEntry and without any admin user, how can I check if a domain
account, that try to login, has expired?
Scenario: User...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
| |
