Website Administration has errors

Discussion in 'ASP .Net Security' started by Herb, Jul 13, 2006.

  1. Herb

    Herb Guest

    Using the Website...ASP Configuration tool, when I try to do anything in
    "Security" I get the following error. Using Forms ID and a CreateuserWizard,
    I am able to creat users through my websote, but not on the Admin website.

    Error:

    An error was encountered. Please return to the previous page and try again.

    The following message may help in diagnosing the problem: Unable to connect
    to SQL Server database. at
    System.Web.Administration.WebAdminPage.CallWebAdminHelperMethod(Boolean
    isMembership, String methodName, Object[] parameters, Type[] paramTypes) at
    ASP.security_wizard_wizardpermission_ascx.OnInit(EventArgs e) at
    System.Web.UI.Control.InitRecursive(Control namingContainer) at
    System.Web.UI.Control.InitRecursive(Control namingContainer) at
    System.Web.UI.Control.InitRecursive(Control namingContainer) at
    System.Web.UI.Control.InitRecursive(Control namingContainer) at
    System.Web.UI.Control.InitRecursive(Control namingContainer) at
    System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint,
    Boolean includeStagesAfterAsyncPoint)
    Herb, Jul 13, 2006
    #1
    1. Advertising

  2. Hello Herb,

    Welcome to the ASP.NET newsgroup.

    From your description, I understand you have an ASP.NET 2.0/VS 2005 web
    project. The application is configured to use SQL Server
    provider(membership, role ...). The application can works at runtime,
    however, when you use the web admin site to manage the web application's
    security setting, you're getting "Unable to connect to SQL Server database"
    error, correct? If there is anything I missed, please feel free to let me
    know.

    Based on my experience, such problem is possibly caused by security
    permission issue when the webadmin site page try connecting to the target
    SQL Server database engine.And this is a bit hard to troubleshoot from the
    appearance.

    Would please help me confirm the following things on your problem machine?



    1. whether your ASP.NET 2.0 application is using the default local SQL
    Express provider? Or have you manually changed to use other sqlserver
    engine as the database provider?

    2. If it is using the default sqlexpress provider, have you checked the
    default "localSqlServer" connectionString value in the machine.config file
    to see whether it remains the default value(with .net framework
    installation)? The default value should look like below:

    ===========
    <connectionStrings>
    <add name="LocalSqlServer" connectionString="data
    source=.\SQLEXPRESS;Integrated
    Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User
    Instance=true" providerName="System.Data.SqlClient" />
    </connectionStrings>
    ===========



    I have searched over the web and checked our internal database and found
    some similar issues, some are caused by the user account doesn't have
    sufficient permision, some are caused by the SQL Express is not correctly
    installed.

    AS for user account permission, since the web admin site will use the
    current logon user(which is using visual studio) as the security identity,
    I suggest you verfify whether the current user account has been added in
    the machine's "users" group. If it is a domain account, it is naturally
    added in the machine's users group.

    As for Sql Express database, since the default "LocalSqlServer" connection
    string use "User instance" setting, it will create dynamic sql express mdb
    files under the following directory(and start a separate sqlserver instance
    against it):

    "C:\Documents and Settings\<username>\Local Settings\Application
    Data\Microsoft\Microsoft SQL Server Data\SQLEXPRESS"

    You can verify whether there is any mdf files there. If not exists, the
    problem is possibly caused by the sql express user instance is not
    correctly created. There may exists some issue with the sqlexpress
    installation.



    In addition, for generic troubleshooting, we can do the following tests:

    1) use sql profiler to trace the sqlexpress's connecting status when the
    web admin site try connecting to it
    (need to have sqlserver 2005 workstation components installed)

    2) use filemon tool to trace any NTFS file access failure on the machine:

    http://www.sysinternals.com/utilities/filemon.html

    Hope this helps you some. If there is anything unclear, please feel free to
    let me know.

    Regards,

    Steven Cheng
    Microsoft MSDN Online Support Lead


    ==================================================

    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.

    ==================================================


    This posting is provided "AS IS" with no warranties, and confers no rights.



    Get Secure! www.microsoft.com/security
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)
    Steven Cheng[MSFT], Jul 14, 2006
    #2
    1. Advertising

  3. Herb

    Herb Guest

    Steven,

    Your assumptions are correct. I am using SQL Server 7 on a different server.
    When I use the CreateUserWizard within my ASP page, I can create users. When
    I use the Website...ASP.Net Configuration it shows me that I have 1 user
    defined (so it sees the data), but any attempts to use "Manage Users", etc
    gives the error from the original message. My provider in my web.config is
    defined as:

    <connectionStrings>
    <!--- OLEDB to SQL7 Database -->
    <add name="NuclearDedication" connectionString="Provider=SQLOLEDB;
    Data Source=BVRPASDATASVR01;Integrated Security=SSPI;
    Initial Catalog=NuclearDedication"
    providerName="System.Data.OleDb"/>
    <!-- provider for security -->
    <add name="loginConn" connectionString="Data Source=BVRPASDATASVR01;
    Integrated Security=SSPI;Initial Catalog=aspnetdb"/>
    </connectionStrings>


    <membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
    <providers>
    <clear />
    <add
    name="SqlProvider"
    type="System.Web.Security.SqlMembershipProvider"
    connectionStringName="loginConnection"
    applicationName="NuclearDedication"
    enablePasswordRetrieval="false"
    enablePasswordReset="true"
    requiresQuestionAndAnswer="true"
    requiresUniqueEmail="true"
    minRequiredNonalphanumericCharacters="0"
    passwordFormat="Hashed" />
    </providers>
    </membership>


    "Steven Cheng[MSFT]" wrote:

    > Hello Herb,
    >
    > Welcome to the ASP.NET newsgroup.
    >
    > From your description, I understand you have an ASP.NET 2.0/VS 2005 web
    > project. The application is configured to use SQL Server
    > provider(membership, role ...). The application can works at runtime,
    > however, when you use the web admin site to manage the web application's
    > security setting, you're getting "Unable to connect to SQL Server database"
    > error, correct? If there is anything I missed, please feel free to let me
    > know.
    >
    > Based on my experience, such problem is possibly caused by security
    > permission issue when the webadmin site page try connecting to the target
    > SQL Server database engine.And this is a bit hard to troubleshoot from the
    > appearance.
    >
    > Would please help me confirm the following things on your problem machine?
    >
    >
    >
    > 1. whether your ASP.NET 2.0 application is using the default local SQL
    > Express provider? Or have you manually changed to use other sqlserver
    > engine as the database provider?
    >
    > 2. If it is using the default sqlexpress provider, have you checked the
    > default "localSqlServer" connectionString value in the machine.config file
    > to see whether it remains the default value(with .net framework
    > installation)? The default value should look like below:
    >
    > ===========
    > <connectionStrings>
    > <add name="LocalSqlServer" connectionString="data
    > source=.\SQLEXPRESS;Integrated
    > Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User
    > Instance=true" providerName="System.Data.SqlClient" />
    > </connectionStrings>
    > ===========
    >
    >
    >
    > I have searched over the web and checked our internal database and found
    > some similar issues, some are caused by the user account doesn't have
    > sufficient permision, some are caused by the SQL Express is not correctly
    > installed.
    >
    > AS for user account permission, since the web admin site will use the
    > current logon user(which is using visual studio) as the security identity,
    > I suggest you verfify whether the current user account has been added in
    > the machine's "users" group. If it is a domain account, it is naturally
    > added in the machine's users group.
    >
    > As for Sql Express database, since the default "LocalSqlServer" connection
    > string use "User instance" setting, it will create dynamic sql express mdb
    > files under the following directory(and start a separate sqlserver instance
    > against it):
    >
    > "C:\Documents and Settings\<username>\Local Settings\Application
    > Data\Microsoft\Microsoft SQL Server Data\SQLEXPRESS"
    >
    > You can verify whether there is any mdf files there. If not exists, the
    > problem is possibly caused by the sql express user instance is not
    > correctly created. There may exists some issue with the sqlexpress
    > installation.
    >
    >
    >
    > In addition, for generic troubleshooting, we can do the following tests:
    >
    > 1) use sql profiler to trace the sqlexpress's connecting status when the
    > web admin site try connecting to it
    > (need to have sqlserver 2005 workstation components installed)
    >
    > 2) use filemon tool to trace any NTFS file access failure on the machine:
    >
    > http://www.sysinternals.com/utilities/filemon.html
    >
    > Hope this helps you some. If there is anything unclear, please feel free to
    > let me know.
    >
    > Regards,
    >
    > Steven Cheng
    > Microsoft MSDN Online Support Lead
    >
    >
    > ==================================================
    >
    > When responding to posts, please "Reply to Group" via your newsreader so
    > that others may learn and benefit from your issue.
    >
    > ==================================================
    >
    >
    > This posting is provided "AS IS" with no warranties, and confers no rights.
    >
    >
    >
    > Get Secure! www.microsoft.com/security
    > (This posting is provided "AS IS", with no warranties, and confers no
    > rights.)
    >
    >
    >
    Herb, Jul 14, 2006
    #3
  4. Herb

    Herb Guest

    Oops. That message had 1 typo. In <connectionStrings/> I typed the name as
    "loginConn" and in <providers/> I typed it as "loginConnection". It is
    actually "loginConnection" in both places.

    "Herb" wrote:

    > Steven,
    >
    > Your assumptions are correct. I am using SQL Server 7 on a different server.
    > When I use the CreateUserWizard within my ASP page, I can create users. When
    > I use the Website...ASP.Net Configuration it shows me that I have 1 user
    > defined (so it sees the data), but any attempts to use "Manage Users", etc
    > gives the error from the original message. My provider in my web.config is
    > defined as:
    >
    > <connectionStrings>
    > <!--- OLEDB to SQL7 Database -->
    > <add name="NuclearDedication" connectionString="Provider=SQLOLEDB;
    > Data Source=BVRPASDATASVR01;Integrated Security=SSPI;
    > Initial Catalog=NuclearDedication"
    > providerName="System.Data.OleDb"/>
    > <!-- provider for security -->
    > <add name="loginConn" connectionString="Data Source=BVRPASDATASVR01;
    > Integrated Security=SSPI;Initial Catalog=aspnetdb"/>
    > </connectionStrings>
    >
    >
    > <membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
    > <providers>
    > <clear />
    > <add
    > name="SqlProvider"
    > type="System.Web.Security.SqlMembershipProvider"
    > connectionStringName="loginConnection"
    > applicationName="NuclearDedication"
    > enablePasswordRetrieval="false"
    > enablePasswordReset="true"
    > requiresQuestionAndAnswer="true"
    > requiresUniqueEmail="true"
    > minRequiredNonalphanumericCharacters="0"
    > passwordFormat="Hashed" />
    > </providers>
    > </membership>
    >
    >
    > "Steven Cheng[MSFT]" wrote:
    >
    > > Hello Herb,
    > >
    > > Welcome to the ASP.NET newsgroup.
    > >
    > > From your description, I understand you have an ASP.NET 2.0/VS 2005 web
    > > project. The application is configured to use SQL Server
    > > provider(membership, role ...). The application can works at runtime,
    > > however, when you use the web admin site to manage the web application's
    > > security setting, you're getting "Unable to connect to SQL Server database"
    > > error, correct? If there is anything I missed, please feel free to let me
    > > know.
    > >
    > > Based on my experience, such problem is possibly caused by security
    > > permission issue when the webadmin site page try connecting to the target
    > > SQL Server database engine.And this is a bit hard to troubleshoot from the
    > > appearance.
    > >
    > > Would please help me confirm the following things on your problem machine?
    > >
    > >
    > >
    > > 1. whether your ASP.NET 2.0 application is using the default local SQL
    > > Express provider? Or have you manually changed to use other sqlserver
    > > engine as the database provider?
    > >
    > > 2. If it is using the default sqlexpress provider, have you checked the
    > > default "localSqlServer" connectionString value in the machine.config file
    > > to see whether it remains the default value(with .net framework
    > > installation)? The default value should look like below:
    > >
    > > ===========
    > > <connectionStrings>
    > > <add name="LocalSqlServer" connectionString="data
    > > source=.\SQLEXPRESS;Integrated
    > > Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User
    > > Instance=true" providerName="System.Data.SqlClient" />
    > > </connectionStrings>
    > > ===========
    > >
    > >
    > >
    > > I have searched over the web and checked our internal database and found
    > > some similar issues, some are caused by the user account doesn't have
    > > sufficient permision, some are caused by the SQL Express is not correctly
    > > installed.
    > >
    > > AS for user account permission, since the web admin site will use the
    > > current logon user(which is using visual studio) as the security identity,
    > > I suggest you verfify whether the current user account has been added in
    > > the machine's "users" group. If it is a domain account, it is naturally
    > > added in the machine's users group.
    > >
    > > As for Sql Express database, since the default "LocalSqlServer" connection
    > > string use "User instance" setting, it will create dynamic sql express mdb
    > > files under the following directory(and start a separate sqlserver instance
    > > against it):
    > >
    > > "C:\Documents and Settings\<username>\Local Settings\Application
    > > Data\Microsoft\Microsoft SQL Server Data\SQLEXPRESS"
    > >
    > > You can verify whether there is any mdf files there. If not exists, the
    > > problem is possibly caused by the sql express user instance is not
    > > correctly created. There may exists some issue with the sqlexpress
    > > installation.
    > >
    > >
    > >
    > > In addition, for generic troubleshooting, we can do the following tests:
    > >
    > > 1) use sql profiler to trace the sqlexpress's connecting status when the
    > > web admin site try connecting to it
    > > (need to have sqlserver 2005 workstation components installed)
    > >
    > > 2) use filemon tool to trace any NTFS file access failure on the machine:
    > >
    > > http://www.sysinternals.com/utilities/filemon.html
    > >
    > > Hope this helps you some. If there is anything unclear, please feel free to
    > > let me know.
    > >
    > > Regards,
    > >
    > > Steven Cheng
    > > Microsoft MSDN Online Support Lead
    > >
    > >
    > > ==================================================
    > >
    > > When responding to posts, please "Reply to Group" via your newsreader so
    > > that others may learn and benefit from your issue.
    > >
    > > ==================================================
    > >
    > >
    > > This posting is provided "AS IS" with no warranties, and confers no rights.
    > >
    > >
    > >
    > > Get Secure! www.microsoft.com/security
    > > (This posting is provided "AS IS", with no warranties, and confers no
    > > rights.)
    > >
    > >
    > >
    Herb, Jul 14, 2006
    #4
  5. Herb

    Herb Guest

    I have found that by adding the following code to my web.config, everything
    works. This is in addition to the code I uploaded before. Question, I now
    have 2 sections called <providers>, one in ,roleManager> and one in
    <membership>. Is this kosher?

    <roleManager defaultProvider="SqlProvider"
    enabled="true"
    cacheRolesInCookie="true"
    cookieName=".ASPROLES"
    cookieTimeout="30"
    cookiePath="/"
    cookieRequireSSL="false"
    cookieSlidingExpiration="true"
    cookieProtection="All" >
    <providers>
    <add
    name="SqlProvider"
    type="System.Web.Security.SqlRoleProvider"
    connectionStringName="loginConnection"
    applicationName="NuclearDedication" />
    </providers>
    </roleManager>


    "Steven Cheng[MSFT]" wrote:

    > Hello Herb,
    >
    > Welcome to the ASP.NET newsgroup.
    >
    > From your description, I understand you have an ASP.NET 2.0/VS 2005 web
    > project. The application is configured to use SQL Server
    > provider(membership, role ...). The application can works at runtime,
    > however, when you use the web admin site to manage the web application's
    > security setting, you're getting "Unable to connect to SQL Server database"
    > error, correct? If there is anything I missed, please feel free to let me
    > know.
    >
    > Based on my experience, such problem is possibly caused by security
    > permission issue when the webadmin site page try connecting to the target
    > SQL Server database engine.And this is a bit hard to troubleshoot from the
    > appearance.
    >
    > Would please help me confirm the following things on your problem machine?
    >
    >
    >
    > 1. whether your ASP.NET 2.0 application is using the default local SQL
    > Express provider? Or have you manually changed to use other sqlserver
    > engine as the database provider?
    >
    > 2. If it is using the default sqlexpress provider, have you checked the
    > default "localSqlServer" connectionString value in the machine.config file
    > to see whether it remains the default value(with .net framework
    > installation)? The default value should look like below:
    >
    > ===========
    > <connectionStrings>
    > <add name="LocalSqlServer" connectionString="data
    > source=.\SQLEXPRESS;Integrated
    > Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User
    > Instance=true" providerName="System.Data.SqlClient" />
    > </connectionStrings>
    > ===========
    >
    >
    >
    > I have searched over the web and checked our internal database and found
    > some similar issues, some are caused by the user account doesn't have
    > sufficient permision, some are caused by the SQL Express is not correctly
    > installed.
    >
    > AS for user account permission, since the web admin site will use the
    > current logon user(which is using visual studio) as the security identity,
    > I suggest you verfify whether the current user account has been added in
    > the machine's "users" group. If it is a domain account, it is naturally
    > added in the machine's users group.
    >
    > As for Sql Express database, since the default "LocalSqlServer" connection
    > string use "User instance" setting, it will create dynamic sql express mdb
    > files under the following directory(and start a separate sqlserver instance
    > against it):
    >
    > "C:\Documents and Settings\<username>\Local Settings\Application
    > Data\Microsoft\Microsoft SQL Server Data\SQLEXPRESS"
    >
    > You can verify whether there is any mdf files there. If not exists, the
    > problem is possibly caused by the sql express user instance is not
    > correctly created. There may exists some issue with the sqlexpress
    > installation.
    >
    >
    >
    > In addition, for generic troubleshooting, we can do the following tests:
    >
    > 1) use sql profiler to trace the sqlexpress's connecting status when the
    > web admin site try connecting to it
    > (need to have sqlserver 2005 workstation components installed)
    >
    > 2) use filemon tool to trace any NTFS file access failure on the machine:
    >
    > http://www.sysinternals.com/utilities/filemon.html
    >
    > Hope this helps you some. If there is anything unclear, please feel free to
    > let me know.
    >
    > Regards,
    >
    > Steven Cheng
    > Microsoft MSDN Online Support Lead
    >
    >
    > ==================================================
    >
    > When responding to posts, please "Reply to Group" via your newsreader so
    > that others may learn and benefit from your issue.
    >
    > ==================================================
    >
    >
    > This posting is provided "AS IS" with no warranties, and confers no rights.
    >
    >
    >
    > Get Secure! www.microsoft.com/security
    > (This posting is provided "AS IS", with no warranties, and confers no
    > rights.)
    >
    >
    >
    Herb, Jul 14, 2006
    #5
  6. Thanks for your response and the further information.

    As you mentioned that the problem went away after you added the following
    config sections:

    =========================
    <roleManager defaultProvider="SqlProvider"
    enabled="true"
    cacheRolesInCookie="true"
    cookieName=".ASPROLES"
    cookieTimeout="30"
    cookiePath="/"
    cookieRequireSSL="false"
    cookieSlidingExpiration="true"
    cookieProtection="All" >
    <providers>
    <add
    name="SqlProvider"
    type="System.Web.Security.SqlRoleProvider"
    connectionStringName="loginConnection"
    applicationName="NuclearDedication" />
    </providers>
    </roleManager>

    ========================

    I think this make sense because if you're using both membership and role
    management service(enable role) in the ASP.NET application, the admin site
    will try establishing the connection to the storage of both the membership
    and role management providers(they're separated). Therefore in your
    scenario, if you haven't provided the custom "RoleManager" provide setting
    which pointing to your own SQL Server 7.0 database, the ASP.NET runtime
    still try connecting to the default "Local SQL Express" database, and
    result to the error you mentioned earlier. Do you think so?

    In addition, here is a blog article which has provided many good resources
    on ASP.NET 2.0 membership and role management service:

    #ASP.NET 2.0 Membership, Roles, Forms Authentication, and Security
    Resources
    http://weblogs.asp.net/scottgu/archive/2006/02/24/438953.aspx

    Hope this also helps. Please feel free to let me know if there is anything
    else you're looking for or we can help you.

    Regards,

    Steven Cheng
    Microsoft MSDN Online Support Lead


    ==================================================

    When responding to posts, please "Reply to Group" via your newsreader so
    that others may

    learn and benefit from your issue.

    ==================================================


    This posting is provided "AS IS" with no warranties, and confers no rights.



    Get Secure! www.microsoft.com/security
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)
    Steven Cheng[MSFT], Jul 16, 2006
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Visual Systems AB \(Martin Arvidsson\)

    Q: Website administration tool.

    Visual Systems AB \(Martin Arvidsson\), Nov 17, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    404
    John Murray
    Nov 17, 2005
  2. Replies:
    7
    Views:
    4,157
    =?Utf-8?B?RGFiYmxlcg==?=
    Jun 18, 2006
  3. Replies:
    1
    Views:
    412
    clintonG
    Feb 23, 2006
  4. clintonG
    Replies:
    0
    Views:
    476
    clintonG
    Mar 5, 2006
  5. =?Utf-8?B?RGFiYmxlcg==?=
    Replies:
    2
    Views:
    526
    =?Utf-8?B?RGFiYmxlcg==?=
    Mar 9, 2006
Loading...

Share This Page