I am just wondering is it good idea to give NETWORK SERVICE permission for MSSQL database, can it open any security holes? Then I don't need to set any login parameters in my web app(ASP.NET MVC) config file, I go with integrated permission.
Looking at MSDN, Windows Network Service Account has minimum privileges in windows and it acts as the computer on the network.
But I personally believe that, if you are using it for personal development then it is ok to use network service to access database (if they are on same machine). You might need to configure application pool of your web app to use that service as well in order to have your web app authenticated by SQL Server.
But if it is for enterprise, then I would suggest you to create a separate domain account and use that domain account for both SQL Server and Web App. In that way you will have more better control over that account and it's permissions and less chances to find out that you have given more than required permissions to some default windows account.
Related
just two questions about Ejabberd. I saw and adapted PHP tool found through GitHub (https://github.com/leesherwood/ejabberd-php-auth) for external authentication, but I have a doubt: when exploiting external authentication, how Ejabberd links users (who are not stored into Ejabberd database but into an external mySQL database used for Web purposes) with conversations, please?
Second question. I have followed guidelines for setting external authentication. It works like a charm when testing by command line, mocking a command like 00auth:username:servername:password
But, when I try to connect to Ejabberd's administration web platform, I receive an error of connection. Instead, when I use internal authorization, the platform is reachable.
Do you figure out the reason, please?
how Ejabberd links users (who are not stored into Ejabberd database but into an external mySQL database used for Web purposes) with conversations, please?
How? With their username+hostname.
when I try to connect to Ejabberd's administration web platform, I receive an error of connection. Instead, when I use internal authorization, the platform is reachable.
Try to login with a Jabber client, does it work? In the WebAdmin, remember to provide the Jabber ID, which is username#hostname, not only the username.
I have a microsoft access database that I use to track client specifications. I would like store the front-end and back-end database in the cloud and use it in real time. What recommendations and cheap options are available
One option is to host the frontend and backend on an AWS t2.small instance running Windows:
AWS instance
Then access this via Remote Desktop as any other machine.
There is an option to use your Access database locally and update the data on the cloud, using Google Drive or other similar services to share this among several users, it is an asynchronous solution though.
deployment of a multi user Access app, among geographically separated users, is via Remote Desktop Server, aka citrix, aka terminal services...
in any multi user deployment the app is split, and each user has their own front end file - and all connect to the one single back end file. this remains true in an RDS deployment.
this is a main stream method to deploy, and very functional....lots of orgs do virtual desktop now, and then there are hosting companies that will do a single app... whether or not one views this as "cheap" however is in the eye of the beholder... but any other attempt/method is generally a kludge and is typically round-robin where only 1 user at a time can use the app... also - - one does not put the WAN in the middle... both the front and back end files are RDS and so the user simply has Win10 and does not need any Access or Office license on their local pc.
I would like to create a desktop application that should work with data on a mySql server running on a remote machine.
So each user has a copy of the desktop app and edits data on the remote mySql server.
Now my problem is that the mySql server will not allow connections from other hosts.
Question, is this just the wrong way of creating the app. If not how do I give any host access to the MYsql server.
(I know I can open up for a specific IP but that won't work as the app could be running anywhere)
You should front your database on the server with a thin service layer, where you could do some validation / processing on the data, perform authentication, etc. Your client apps would then expose those methods in your service layer as web services, to which your client apps would communicate using either SOAP/XML, REST/JSON, etc. In general, it is a bad idea to expose your database directly if your application is within a LAN, and a terrible one to expose it on the internet.
I am normally a .NET developer so have no experience with classic ASP.
I have been asked by a client to have a look at their classic ASP site. I am trying to recreate their site on my local machine so can have a play with but am having difficulty connecting to my copy of the database. The database has been recreated on SQL Server 2008 using windows authentication and I'm having difficulty with the connection string.
This is what I have so far:
Provider=SQLOLEDB;Data Source=MY-PC\SQLExpress;Initial Catalog=testdb;Integrated Security=SSPI;Persist Security Info=False;
Keeps saying
login failed.
Any ideas?
Modify the anonymous user account details that your local site uses to your own logon account.
The problem is that ASP scripts always run using impersonation either of the user associated with an authenticated connection or as the anonymous user account. The anonymous user is normally the rescricted IUSR account.
You could just turn off anonymous access and turn on Windows Integrated but I find its best for local development purposes to just change the anonymous user.
You need to create a login/user in SQL Server for the identity of the app pool in which your application is running.
i'm trying to install vmware view connection server but is ask me that the computer does not belong to a domain.
what do i do now? this is a home server and i do have a static ip address with my isp. the aim would be to connect from outside my home network remotely.
do i need to add a dns server in windows server 2008?
Have you tried LogMeIn? The free edition works beautifully for this sort of thing, without the headaches of firewalls, DNS, and IP addresses.
Yes, you need a AD domain to install vmware view connection server.
Please refer to pre-req of view:vmware view install guide
Preparing Active Directory
View uses your existing Microsoft Active Directory infrastructure for user authentication and management. You must perform certain tasks to prepare Active Directory for use with View.