I've just created a new program in Visual Studio 2005, Visual Basic.
I can publish, install, and run the program just fine as long as the
user is a member of the "Domain Admins" group. My problem is when a
non-admin using tries to run the program. The program gets hung up on
the following line
Dim cn As System.Data.Sql Client.SqlConne ction = New SqlConnection(" Data
Source=spdb01;I nitial Catalog=SToP;In tegrated Security=True;" )
How can I fix this, or what is the problem. I've been pulling my hair
out over this. I'm sure it's not the permissions on the SQL server,
I've givin the "Domain Users" group full control of the database.
May 3 '06
15 1956
Also, just run Query Analyer. Have a non-admin user log onto your
workstation, and have them start up Query Analyzer, and try to connect to
the database. They won't be able to. So it's not in your app, it's in SQL
security.
Jeff
"sflynn" <ss*****@gmail. com> wrote in message
news:11******** **************@ u72g2000cwu.goo glegroups.com.. . I also just tried passing a username and password to the database. The admin users are still working, but the others are not. It seems that the non-admin users don't have permissions to run "Sqlconnection" , it doesn't seem to be a database security problem, but a system security problem somewhere.
I've tried using the non integrated SQL security, and passing the
username and password. On Windows XP/ 2000 workstatiosn it works fine
as both an admin and regular user using integrated and SQL security.
But when a user tries to log in from a Windows 2000 Terminal Server, it
doesn't work. When I make that user a member of the local
Administrators group on the terminal server (not domain admin) it also
works.
Jeff,
But that is much more dangerous than permitting the domainusers in SQL
server the use of a table in the databaseserver and than to use integrated
security.
Whit what you suppose everybody can use the database. (Which can be in some
circumstances withouth problem ). However here the OP talks about his domain
users.
Cor
"Jeff Dillon" <je********@hot mail.com> schreef in bericht
news:eN******** ******@TK2MSFTN GP02.phx.gbl... No, just one connection string! Everyone logs under the same SQL account
Jeff
"Cor Ligthert [MVP]" <no************ @planet.nl> wrote in message news:uK******** ******@TK2MSFTN GP02.phx.gbl... And you have to make for every user his own connectionstrin g
Cor
"Göran Andersson" <gu***@guffa.co m> schreef in bericht news:uT******** ******@TK2MSFTN GP02.phx.gbl...I believe that Jeff means that a database user account would be easier to handle than a trusted connection. Just add the user in the datbase and supply the credentials in the connection string. Then you don't have to grant access for a lot of windows user accounts to the database.
That also makes it easier to tighten the security. The user account can be given permission to a single database, and only permission to execute stored procedures. That would make the connection totally safe against SQL injections (unless of course a stored procedure creates SQL dynamically).
Cor Ligthert [MVP] wrote: Jeff,
In my idea is your first solution enough, if the user has no permissions, than adding the username/password in the connection string has as well not sense.
> "My problem is when a non-admin using tries to run the program. " > > Ding ding? Non-admin users can't connect to the database, obviously. > Add them. > > Any reason you need Integrated Security on SQL? You could pass a > username/password in the connection string instead >
Cor
No, actually NOBODY can use the database, except the single logon user
But yes, EVERYBODY who uses the app, can access the database, under that
same account.
But I didn't read carefully enough, he has problems with Terminal Server
users.
Jeff
"Cor Ligthert [MVP]" <no************ @planet.nl> wrote in message
news:%2******** ********@TK2MSF TNGP02.phx.gbl. .. Jeff,
But that is much more dangerous than permitting the domainusers in SQL server the use of a table in the databaseserver and than to use integrated security.
Whit what you suppose everybody can use the database. (Which can be in some circumstances withouth problem ). However here the OP talks about his domain users.
Cor
"Jeff Dillon" <je********@hot mail.com> schreef in bericht news:eN******** ******@TK2MSFTN GP02.phx.gbl... No, just one connection string! Everyone logs under the same SQL account
Jeff
"Cor Ligthert [MVP]" <no************ @planet.nl> wrote in message news:uK******** ******@TK2MSFTN GP02.phx.gbl... And you have to make for every user his own connectionstrin g
Cor
"Göran Andersson" <gu***@guffa.co m> schreef in bericht news:uT******** ******@TK2MSFTN GP02.phx.gbl... I believe that Jeff means that a database user account would be easier to handle than a trusted connection. Just add the user in the datbase and supply the credentials in the connection string. Then you don't have to grant access for a lot of windows user accounts to the database.
That also makes it easier to tighten the security. The user account can be given permission to a single database, and only permission to execute stored procedures. That would make the connection totally safe against SQL injections (unless of course a stored procedure creates SQL dynamically).
Cor Ligthert [MVP] wrote: > Jeff, > > In my idea is your first solution enough, if the user has no > permissions, than adding the username/password in the connection > string has as well not sense. > >> "My problem is when a non-admin using tries to run the program. " >> >> Ding ding? Non-admin users can't connect to the database, obviously. >> Add them. >> >> Any reason you need Integrated Security on SQL? You could pass a >> username/password in the connection string instead >> > > Cor >
Jeff, But I didn't read carefully enough, he has problems with Terminal Server users.
Where, just at his latest replies while this is probably the most relevant
information.
Cor
Your point? Don't waste my time
"Cor Ligthert [MVP]" <no************ @planet.nl> wrote in message
news:eW******** *****@TK2MSFTNG P05.phx.gbl... Jeff, But I didn't read carefully enough, he has problems with Terminal Server users.
Where, just at his latest replies while this is probably the most relevant information.
Cor This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Nayt Grochowski |
last post by:
Does anyone see any problem with the loading a SqlConnection into the
System.Web.HttpContextCurrent.Items collection in a Page's Constructor. Then
Closing and Disposing of it the OnUnload method?
Connection would not be "Opened" until it was actually used (this is handled
by a common "Helper" class - similar to Microsoft's SqlHelper Application
Block), Ie:
public class MyPage : Page {
public MyPage() {
|
by: RF |
last post by:
Hi,
I have an app that I need to set some values in the CurrentUser and
LocalMachine of the Registry. If the user has administrator previledges, no
problems occur. However, if the user if of type "limited" or
non-administrator, I receive an exception when trying to write in the
LocalMachine.
How can I bypass or impersonate the administrator to enable the app to write
values in the LocalMachine.
|
by: Earl Teigrob |
last post by:
Background:
When I create a ASP.NET control (User or custom), it often requires security to be set for certain functionality with the control. For example, a news release user control that is comprised of a DataGrid may have separate permissions for adding, deleting and updating a news item.
Problem
Up until now, I have been implementing security directly inside the control. I will test directly against the security model to see if...
|
by: Norsoft |
last post by:
I have a .Net 1.1 application which is downloaded into an aspx page. It is a
dll which inherits from System.Windows.Forms.UserControl. It works fine on a
PC with only the 1.1 Framework. However, the control will not load on a PC
with the 2.0 Framework installed. I know that IE will use the newest
framework so I assume it is a security issue.
At the assembly level I apply the following attributes;
|
by: Andrew Chalk |
last post by:
My application attempts to connect to an SQL Server database as name ASPNET
and Login Name SERVERNAME/ASPNET in response to these commands:
SqlConnection myConnection = new SqlConnection("Data Source=(local);Initial
Catalog=MCSCRE;Integrated Security=SSPI");
myConnection.Open();
However, the user of this database is ASPNET. I can't create a user ASPNET
with a login name SERVERNAME/ASPNET, SQL Enterprise Manager always keeps the
name...
| |
by: James |
last post by:
I have a VB windows forms application that accesses a Microsoft Access
database that has been secured using user-level security. The
application is being deployed using No-Touch deployment. The objective
in utilizing this new deployment method is to reduce the maintenance
overhead as well as making it easier for my users to setup and run the
application initially. I have VS 2002, Windows XP, Access XP(2000
format).
He is my problem....
|
by: James |
last post by:
I have a VB windows forms application that accesses a Microsoft Access
database that has been secured using user-level security. The
application is being deployed using No-Touch deployment. The objective
in utilizing this new deployment method is to reduce the maintenance
overhead as well as making it easier for my users to setup and run the
application initially. I have VS 2002, Windows XP, Access XP(2000
format).
He is my problem....
|
by: Segfahlt |
last post by:
I need a little help here please.
I have 2 win forms user controls in 2 different projects that I'm hosting in
2 different virtual directories. The controls have been test and operate okay
in both projects.
Both controls(dlls) have been signed using SN.exe and I've set up the
appropriate .Net assembly permissions using those Strong Names
The DLL's have been copied to the /bin directory in both web virtual
directories.
|
by: goc |
last post by:
I have a Web Farm, that fetches its database-data from a separate
database-server. Today I was forced to go over to .NET 2.0 (since 1.1
can't be installed on Windows Vista x64), and it brought about quite
alot of problems. But now I've sorted out everything except one
problem that I just can't get to disappear:
As soon as I try to connect to a database from my code and run a
query, I get an exception thrown:
Check: Request for the...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |