How to enable Windows Authentication for DNN - sql-server-2008

Sorry my question might be duplicate but i dint find any correct solution.So im posting this question again...
First i have deployed a DNN website with sql server authentication.Site was working fine.
Later we re installed the sql server 2008. So im trying to give windows authentication to connect the site.
In web config connectionstring:i have removed the username and password and gave Integrated security="true" .
In IIS :Site -> Authentication -> windows Authentication ->enabled and all others disabled.
once i browse the site is redirecting to DNN install Wizard
Need Help.

In SQL Server did you configure the Windows account that the application pool (in IIS) is using to have DBOwner access to the database?
Also make sure to change BOTH connection strings in the database.
Depending on what version of IIS you are on, that account might differ. Older versions likely would use "Network Service" while newer versions might also use "Network Service" or an application pool specific account like "iis apppool\dnndev"
You'll also want to make sure that you aren't trying to assign a DOMAIN account to the database, unless of course that is what IIS is configured to use (as opposed to a local account)

Related

How to fix connection between Report Server and ReportServer database

Power BI Web Service URL working, web portal URL isn't
I had to reinstall Power BI Report Server. I reconnected to the underlying Reportserver database. Since I didn't have a backup of the encryption key, I deleted encrypted content. At this point if I go to the web portal (http://reportserver/Reports) I get this error:
"The service is not available. Contact your system administrator to
resolve the issue. System administrators: The report server can’t
connect to its database. Make sure the database is running and
accessible. You can also check the report server trace log for
details."
However when I go to the web service (http://reportserver/ReportServer), I can browse the report server directory. This information is coming from the underlying database so clearly the report server CAN connect to it's database. Both these happen both if I browse from my desktop or from the browser on the server itself. In the case of the server itself, I follow the links in the respective sections of the Admin tool, so links are correct, and Admin tool is indicating that web directory setup is correct.
Service restart does not help, neither does restart of the whole server. I also tried changing the name of the link (ie http://reportserver/PBIReports instead of http://reportserver/Reports) - still not working
OK I found what was going on. The reason for the reinstall was to roll back from a newer version of Power BI server. Rollback was needed because it didn't play nicely with some other processes on the same server.
In any case... as per MS documentation, upgrade of Power BI server can trigger a (silent, background) update to the ReportServer structure. So after reinstalling the old version of Power BI, I was in fact trying to connect the old version of Power BI to a new version of the ReportServer Database.
Hopefully removing existing (upgraded) ReportServer Database and recreating it from the Config tool of the old version of Power BI Server will do the trick.

Duplicating existing cakephp app for development

I need to make a development version of a cakePHP app with its own db so that a developer can work on it without disturbing the current users.
I thought it would be simple, I just copied the entire director /project to /project_dev and then copied the DB "project_db" to "project_db_dev". Then I went into /project_dev/config/database.php and changed the db to "project_db_dev".
When I went to see what I had done, I saw the app was still connecting to the same db, as if I'd changed nothing. I realized that the original folder name was referenced in /app/webroot/.htaccess so do I need to find/replace all instances of that folder name?
What steps should I follow to duplicate an existing cakePHP app?
You need to setup some kind of development lifecycle.
Generally speaking the developer shouldn't be doing any development on the server. The best way to handle it is locally using a stack of some kind such as Lamp (Linux, Apache, Mysql, PHP) switch out linux with other OS's. There are multiple cloud solution to these environments to such as Koding.com
Using something like Git for version control the developer can develop locally then push the code through to the server after is being thoroughly tested locally or on a dev server or some kind.
Keeping Dev work and Live work away from each other is key.
Could do with a bit more information.
If both databases are hosted on the same server and you have permission to access them both with the same user then all you have to do is change the name of the database in your database.php
If not you will also have to update the IP and any other additional settings port etc.
If you are still having troubles email me simpsond1988#gmail.com

IISExpress AppPool identity verification

I needed to run IISExpress under a specific identity. After going through this post how to run iisexpress app pool under a different identity I changed the processModel's username and password attributes in my \Documents\IISExpress\config\applicationhost.config file.
I would like to verify the change in my web application. Is there a way to verify?
Ultimately, what I'm after is that my security works properly using the PrincipalPermission attribute. I believe the Name property on this attribute matches the user under which IISExpress and my application are running.
Thanks in advance for your help.
IISExpress runs with current user identity and changing ProcessModel username/password won't help. Only way to run with particular identity is to launch iisexpress.exe with 'runas'.
I'm probably way too late to help, but have you tried changing your project to run with Local IIS instead of IIS Express?
Here's the way I do it (you could start in Visual Studio, but I find this more straighforward):
Launch IIS Manager with admin privilege (important that you have rights to muck with localhost)
Add a new Application Pool running with the Identity you need for your database (probably your windows account)
Create a new application on iis
point it to your project folder
assign it to the app pool you just created
In Visual Studio open your project's properties (select the project in solution explorer hit Alt-Enter or use context menu). In the Web Section, select Local IIS instead of IIS Express. No need to create virtual directory (you already did).
Now your app can open the database. As an added bonus, your project is always available to run. no need to start it from visual studio.

WAMP MYSQL or MYSQL service on clients side?

We have designed an application using .NET framework. There is a client application and a server application. The client applications, webpages, android/ iphone applications fetch data from the server using the WCF service.
My issue here is that some of the data that can be set by the user on the application is being saved on the server but cannot does not reflect on the client side once the application is restarted, we have designed the application in such a way that every change on the client side will be reflected on the server side, this is done to make this a cloud based application.
Some of the settings changed or value input on the client side is updating on the server successfully but does noes reflect on the client machines using the direct MYSQL service. However there are absolutely no issues while using WAMP as the MYSQL service, i.e the clients using the WAMP server can see the changes made. We have tried matching the versions and also have tried new and old versions of the standalone MYSQL. Firewall settings all seem fine. Since we prefer to install the standalone MYSQL over WAMP on our customers machines, it would be great if you could shed some light on the possible issues. Is there any difference in the initial config of MYSQL and the default config of WAMP MYSQL.
Hence if there is any thing in particular to note or tweak in this regards it will be really helpful.
Thanks in advance.
I don't think you'll get a really good answer to your question, because the term "WAMP" does not refer to a specific package, but rather any package that includes Windows versions of Apache, MySQL and PHP (and sometimes Perl instead of or in addition to PHP). See this link for a list of some of the available packages:
http://en.wikipedia.org/wiki/Comparison_of_WAMPs
Those packages come with different standard configurations for MySQL. Since you didn't say which WAMP package (and version) you were using, there is no way of knowing in what way their standard configuration differs from a plain MySQL installation (where the version is also important)
Have you tried just running a diff on the respective config files?

Impersonation in IIS 7.0

I have a website that works correctly under IIS 6.0: It authenticates users with windows credentials, and then when talking to the service that hits the DB, it passes the credentials.
In IIS 7.0, the same config settings do not pass the credentials, and the DB gets hit with NT AUTHORITY\ANONYMOUS.
Is there something I'm missing? I've turned ANONYMOUS access off in my IIS 7.0 website, but I can't get the thing to work.
These are the settings that I'm using on both IIS 6.0 and 7.0:
<authentication mode="Windows">
<identity impersonate="true">
What changed from 6.0 to 7.0?
There has been changes between IIS7 and IIS6.0. I found for you one blog post that might actually help you (click here to see it).
Are you running your application in Integrated Mode or in Classic Mode? From what I saw, putting the Impersonate attribute at true should display you a 500 error with the following error message:
Internal Server Error. This is HTTP
Error 500.19: The requested page
cannot be accessed because the related
configuration data for the page is
invalid.
Here is the workaround that is proposed:
Workaround:
1) If your application does not rely
on impersonating the requesting user
in the BeginRequest and
AuthenticateRequest stages (the only
stages where impersonation is not
possible in Integrated mode), ignore
this error by adding the following to
your application’s web.config:
<validation validateIntegratedModeConfiguration="false"
/>
2) If your application does rely on
impersonation in BeginRequest and
AuthenticateRequest, or you are not
sure, move to classic mode.
I hoped that was useful to understand how IIS 7.0 now works.
Is your IIS server set up to be trusted for delegation by the SQLServer? I've run into this before with WebDAV where we've had to have the server running IIS trusted by the file server to authenticate on the file server's behalf.
Interesting... I have the opposite problem - Not being able to get the authentication to be passed from the client browser, through the webserver and onto the database within a large corporate network over firewalls.
I also feel that "end to end user" authentication to the database is a bad idea and a potential security risk. There is nothing to stop the end user from loading up SQL Query and connecting directly to your database, so you'd better have your schema locked down!
#Esteban - Clarified my not very useful in helping you answer.
Typically if you are doing double hop authentication like this, Kerberos is typically involved unless the first authentication is Basic.
I would check the authentication on the IIS 6 servers and make sure that it's the same on IIS 7.
If the IIS 6 box is set to Windows Integrated, then you need to verify the kerberos settings - SPNs, Delegation etc.