Granting permissions to SQL database

Level Extreme platform

Subscription

Corporate profile

Products & Services

Support

Legal

Français

Granting permissions to SQL database

Message

From

23/01/2009 17:07:49

Stephen Russell
S. R. & Associates
Memphis, Tennessee, United States

23/01/2009 17:02:33

Don Freeman
Pag
Tucson, Arizona, United States

General information

Forum:

ASP.NET

Category:

Deployments

Title:

Re: Granting permissions to SQL database

Miscellaneous

Thread ID:

01376584

Message ID:

01376651

Views:

>>>>>>>Can someone advise me as to how to provide read/write permissions to my internet users for write access to the data tables? I am able to read data out of them but cannot write to them. This is not a problem in the development environment but appears when I access it via the web. Folder and file permissions are open in the system. It appears to be something related to SQL Server.
>>>>>>
>>>>>>How does your app. connect to SQL (what does your connection string look like)? If you're using normal Windows authentication for the SQL string, then it will attempt to connect using the same security context as ASP.NET (Network Service under Win 2003). You can either give that account access to SQL Server, or change the connection string to connect as a named user (assuming you've configured SQL Server to used mixed-authentication: both Windows and accounts configured only in SQL). Or, you can change IIS to run under a different user that has access to SQL.
>>>>>
>>>>>Thanks Paul -
>>>>>Being totally new to this subject I only understand about 1/3 of what you said. Here's my Connection string.
>>>>
>>>>It's connecting to the database using Integrated Security, which means (assuming you're under Win2003) that it's connecting to SQL Server as the "Network Service" user. That user probably doesn't have the access it needs to SQL Server.
>>>>
>>>>You have a few things you can do to fix this:
>>>>
>>>>- Add Network Service as a user in SQL and give it the permissions it needs
>>>>- Change the connection string to explicitly pass in the username/password. Create that same user/pass in SQL and give them the permission they need.
>>>>- Change the account IIS runs ASP.NET under to an account which already has permission to SQL Server.
>>>
>>>OK, I think you mean any one of these suggestions as opposed to ALL of them. Right?
>>>In SSMS/Security/Logins I am showing an entry for NT Authority\NETWORK SERVICE and another for TPD284\ASPNET. (The latter is my PC.) What is not clear is how to add permissions to either of these. A rt-click/properties brings up a blank form with no entries. Can you walk me from there?
>>>Thanks
>>-----------------------
>>
>>From my POV:
>>
>>SSMS
>>Rt click on Security | Login for the Server you are logged into. NEW Login.
>>Empty form is in front of you.
>>
>>Click the radio button for SqlServer authentication
>>put in a User to the db. WebUser, or ButtHead.
>>Put in a StrongPassword for ButtHead. @ButtHead1! hahaahahaha real strong but you get the idea.
>>defualt Database is the DB you want them to hit, don't default to master!
>>
>>On the left pane you can go down and give this user privileges as you see fit.
>>
>>heads up here. THEY ARE NOT DBO.
>>db_datareader
>>db_datawriter
>>db_executesproc are all you need in the beginning.
>>
>>poof they are set up!
>
>Thanks Steve.
>This would require that the database in question be added to SSMS. Note my earlier comment that when I did this I could no longer access it from the designer. Um. . . maybe the connection string then needs to be modified to include the user and password?

Yep. ;->

Is there an instance for the server as well?

\\MyServer\Prod
\\Myserver\QA
\\Myserver\devHell

if so you will need to include that in your connection string.

HTH

__Stephen Russell
>>
"Simplicity is the ultimate sophistication."

Leonardo da Vinci

>> My old crummy site.

Map

View

Click here to load this message in the networking platform