{"id":572,"date":"2014-01-18T06:34:09","date_gmt":"2014-01-18T06:34:09","guid":{"rendered":"http:\/\/elbsolutions.com\/projects\/?p=572"},"modified":"2022-02-03T11:25:03","modified_gmt":"2022-02-03T17:25:03","slug":"integrating-asp-app-users-users-permissions-401","status":"publish","type":"post","link":"https:\/\/elbsolutions.com\/projects\/integrating-asp-app-users-users-permissions-401\/","title":{"rendered":"Integrating ASP app &#8211; Users and more users, more permissions and 401s"},"content":{"rendered":"<p>When you integrate a site onto its final server &#8211; things with windows get hairy. Here are some notes to get out of trouble<\/p>\n<ul>\n<li>seeing a 401 for anonymous user? Are your permissions for IUSR set to read, write, execute (<a href=\"http:\/\/technet.microsoft.com\/en-us\/library\/cc770966(v=ws.10).aspx\" target=\"_blank\" rel=\"noopener noreferrer\">ref<\/a>)? This is for anonymous user. For a dynamic user, then you have to add permissions for NetworkService (see small note in <a href=\"http:\/\/stackoverflow.com\/questions\/8232922\/asp-pages-in-iis-using-localhost-401-3-error-do-not-have-permission\" target=\"_blank\" rel=\"noopener noreferrer\">this reference<\/a>) (6.1 &#8211; or see this article for 7.5). For this, I had an account called (built in account: ApplicationPoolIdentity &#8211; this not correct &#8211; I will keep digging)\n<ul>\n<li>you might also require the group IIS_IUSRS to have read, write, execute. It depends on your version of IIS (<a href=\"http:\/\/stackoverflow.com\/questions\/5045641\/user-asp-net-runs-under\" target=\"_blank\" rel=\"noopener noreferrer\">see this link &#8211; this is succinct<\/a>)<\/li>\n<li>ensure BOTH the user accessing the page and the AppPoolIdentity user BOTH have NTFS permissions set to the directory and subsequent web pages (<a href=\"http:\/\/stackoverflow.com\/questions\/5900616\/http-error-401-3-unauthorized\" target=\"_blank\" rel=\"noopener noreferrer\">reference<\/a>)<!--more--><\/li>\n<li>Do NOT set Everyone to Full &#8211; but it is a good test to see if the above will work.<\/li>\n<\/ul>\n<\/li>\n<li>I used the Login security stuff that came with the default forms. Now the server I was going to already had SQLSERVER pre-installed (VS2012 Express)<\/li>\n<li>The aspx debug version worked great &#8211; no issues &#8230; untilI published that part to the server (everything else worked)\n<ul>\n<li>First, FTP will not copy over your App_Data folder stuff. It is in the fine print when you set up your publishing scheme. Copy those over using a manual method (ironically FTP)<\/li>\n<li>The default website did NOT have a DefaultConnection String so I added it\n<ul>\n<li>&lt;add name=&#8221;DefaultConnection&#8221; providerName=&#8221;System.Data.SqlClient&#8221; connectionString=&#8221;Data Source=1KX8JZ;Initial Catalog=aspnet4;AttachDBFilename=|DataDirectory|\\aspnet.mdf; User Id=usernameaccount; password=xxxxxx&#8221; \/&gt;<\/li>\n<li>HOWEVER you will see it has a username and password that I then have to add into SQL Server &#8211; again a pain and more fiddling but it works (I can&#8217;t find the web article that led mere here &#8211; sorry &#8211; it is on Stack Overflow). <a href=\"http:\/\/blogs.msdn.com\/b\/jmeier\/archive\/2010\/03\/24\/how-to-use-asp-net-forms-auth-with-sql-server.aspx\" target=\"_blank\" rel=\"noopener noreferrer\">This guy did get it to work<\/a><\/li>\n<li>Then I added this user &#8216;usernameaccount&#8217; to the SQL Database (using Management Studio) &#8211; note that I could NOT have a database pre-created called aspnet4. Why? Because it uses the file in the connection string under the App_Data directory called aspnet.mdf and fakes it in SQL Server as aspnet3<\/li>\n<li>this username &#8216;usernameaccount&#8217; had to have the following roles added for the master database\n<ul>\n<li>server roles: dbcreator<\/li>\n<li>database role membership for master: db_securityadmin<\/li>\n<li>database roles for the aspnet4? leave this alone &#8211; it configures itself<\/li>\n<\/ul>\n<\/li>\n<li>THEN I had to have full access to the App_Data directory for the user NT SERVICE\\MSSQLSERVER so that SQL could marry the real dB with the virtualized one (aspnet4).\n<ul>\n<li>you can find this user by running services.msc (Start-&gt;Control Panel-&gt;Administrator Tools-&gt;Services-&gt;SQL Server (XXXX)-&gt;Properties-&gt;Logon Tab<\/li>\n<\/ul>\n<\/li>\n<li>What a pain! This took me only 5 hours to figure out, hack and clean things up (broke a few things again- learned more &#8211; wrote it here). I hope it helps someone.<\/li>\n<li>\n<ul>\n<li>db_securityadmin<\/li>\n<\/ul>\n<p>Because everything in release vs. test was different, I had to use the Web.release.config transform file to put custom connection strings for the release server. I had to change my publish to &#8220;Release&#8221; under properties.<\/li>\n<\/ul>\n<p>Once I require a password reset &#8211; one needs to configure an email server and few other options. <a href=\"http:\/\/www.tutorialspoint.com\/asp.net\/asp.net_security.htm\">This is all summed up nice in this article.<\/a> <a href=\"http:\/\/www.codeproject.com\/Articles\/15693\/Password-Recovery\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/www.codeproject.com\/Articles\/15693\/Password-Recovery<\/a> is also good but incomplete (needs some work) All I did was add an smtp server and added the \u00a0\u00a0\u00a0\u00a0\u00a0 passwordFormat=&#8221;Hashed&#8221; attribute in Web.config to the &lt;membership&gt;&lt;providers&gt; xml node.<\/li>\n<\/ul>\n<\/li>\n<li>Other Links<\/li>\n<li><a href=\"http:\/\/www.itnota.com\/setup-user-access-and-roles-sql-server\/\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/www.itnota.com\/setup-user-access-and-roles-sql-server\/<\/a><\/li>\n<li>rolling out own WSAT: <a href=\"http:\/\/aspnet.4guysfromrolla.com\/articles\/052307-1.aspx\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/aspnet.4guysfromrolla.com\/articles\/052307-1.aspx<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>When you integrate a site onto its final server &#8211; things with windows get hairy. Here are some notes to get out of trouble seeing a 401 for anonymous user? Are your permissions for IUSR set to read, write, execute (ref)? This is for anonymous user. For a dynamic user, then you have to add [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1,10,16,13],"tags":[],"class_list":["post-572","post","type-post","status-publish","format-standard","hentry","category-general","category-networks","category-sqlserver_ssrs","category-web-integration"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Integrating ASP app - Users and more users, more permissions and 401s - ELB Solutions.com Inc.<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/elbsolutions.com\/projects\/integrating-asp-app-users-users-permissions-401\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Integrating ASP app - Users and more users, more permissions and 401s - ELB Solutions.com Inc.\" \/>\n<meta property=\"og:description\" content=\"When you integrate a site onto its final server &#8211; things with windows get hairy. Here are some notes to get out of trouble seeing a 401 for anonymous user? Are your permissions for IUSR set to read, write, execute (ref)? This is for anonymous user. For a dynamic user, then you have to add [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/elbsolutions.com\/projects\/integrating-asp-app-users-users-permissions-401\/\" \/>\n<meta property=\"og:site_name\" content=\"ELB Solutions.com Inc.\" \/>\n<meta property=\"article:published_time\" content=\"2014-01-18T06:34:09+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-02-03T17:25:03+00:00\" \/>\n<meta name=\"author\" content=\"Etienne Bley\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Etienne Bley\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/integrating-asp-app-users-users-permissions-401\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/integrating-asp-app-users-users-permissions-401\\\/\"},\"author\":{\"name\":\"Etienne Bley\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/#\\\/schema\\\/person\\\/51e717c68f4f5917c63baf88f0896c39\"},\"headline\":\"Integrating ASP app &#8211; Users and more users, more permissions and 401s\",\"datePublished\":\"2014-01-18T06:34:09+00:00\",\"dateModified\":\"2022-02-03T17:25:03+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/integrating-asp-app-users-users-permissions-401\\\/\"},\"wordCount\":646,\"articleSection\":[\"General\",\"Networks\",\"SQLServer_SSRS\",\"Web Integration\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/integrating-asp-app-users-users-permissions-401\\\/\",\"url\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/integrating-asp-app-users-users-permissions-401\\\/\",\"name\":\"Integrating ASP app - Users and more users, more permissions and 401s - ELB Solutions.com Inc.\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/#website\"},\"datePublished\":\"2014-01-18T06:34:09+00:00\",\"dateModified\":\"2022-02-03T17:25:03+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/#\\\/schema\\\/person\\\/51e717c68f4f5917c63baf88f0896c39\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/integrating-asp-app-users-users-permissions-401\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/integrating-asp-app-users-users-permissions-401\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/integrating-asp-app-users-users-permissions-401\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Integrating ASP app &#8211; Users and more users, more permissions and 401s\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/#website\",\"url\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/\",\"name\":\"ELB Solutions.com Inc.\",\"description\":\"Bringing all your IT Pieces together\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/#\\\/schema\\\/person\\\/51e717c68f4f5917c63baf88f0896c39\",\"name\":\"Etienne Bley\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g\",\"caption\":\"Etienne Bley\"},\"url\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/author\\\/etienne-bley\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Integrating ASP app - Users and more users, more permissions and 401s - ELB Solutions.com Inc.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/elbsolutions.com\/projects\/integrating-asp-app-users-users-permissions-401\/","og_locale":"en_US","og_type":"article","og_title":"Integrating ASP app - Users and more users, more permissions and 401s - ELB Solutions.com Inc.","og_description":"When you integrate a site onto its final server &#8211; things with windows get hairy. Here are some notes to get out of trouble seeing a 401 for anonymous user? Are your permissions for IUSR set to read, write, execute (ref)? This is for anonymous user. For a dynamic user, then you have to add [&hellip;]","og_url":"https:\/\/elbsolutions.com\/projects\/integrating-asp-app-users-users-permissions-401\/","og_site_name":"ELB Solutions.com Inc.","article_published_time":"2014-01-18T06:34:09+00:00","article_modified_time":"2022-02-03T17:25:03+00:00","author":"Etienne Bley","twitter_misc":{"Written by":"Etienne Bley","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/elbsolutions.com\/projects\/integrating-asp-app-users-users-permissions-401\/#article","isPartOf":{"@id":"https:\/\/elbsolutions.com\/projects\/integrating-asp-app-users-users-permissions-401\/"},"author":{"name":"Etienne Bley","@id":"https:\/\/elbsolutions.com\/projects\/#\/schema\/person\/51e717c68f4f5917c63baf88f0896c39"},"headline":"Integrating ASP app &#8211; Users and more users, more permissions and 401s","datePublished":"2014-01-18T06:34:09+00:00","dateModified":"2022-02-03T17:25:03+00:00","mainEntityOfPage":{"@id":"https:\/\/elbsolutions.com\/projects\/integrating-asp-app-users-users-permissions-401\/"},"wordCount":646,"articleSection":["General","Networks","SQLServer_SSRS","Web Integration"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/elbsolutions.com\/projects\/integrating-asp-app-users-users-permissions-401\/","url":"https:\/\/elbsolutions.com\/projects\/integrating-asp-app-users-users-permissions-401\/","name":"Integrating ASP app - Users and more users, more permissions and 401s - ELB Solutions.com Inc.","isPartOf":{"@id":"https:\/\/elbsolutions.com\/projects\/#website"},"datePublished":"2014-01-18T06:34:09+00:00","dateModified":"2022-02-03T17:25:03+00:00","author":{"@id":"https:\/\/elbsolutions.com\/projects\/#\/schema\/person\/51e717c68f4f5917c63baf88f0896c39"},"breadcrumb":{"@id":"https:\/\/elbsolutions.com\/projects\/integrating-asp-app-users-users-permissions-401\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/elbsolutions.com\/projects\/integrating-asp-app-users-users-permissions-401\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/elbsolutions.com\/projects\/integrating-asp-app-users-users-permissions-401\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/elbsolutions.com\/projects\/"},{"@type":"ListItem","position":2,"name":"Integrating ASP app &#8211; Users and more users, more permissions and 401s"}]},{"@type":"WebSite","@id":"https:\/\/elbsolutions.com\/projects\/#website","url":"https:\/\/elbsolutions.com\/projects\/","name":"ELB Solutions.com Inc.","description":"Bringing all your IT Pieces together","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/elbsolutions.com\/projects\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/elbsolutions.com\/projects\/#\/schema\/person\/51e717c68f4f5917c63baf88f0896c39","name":"Etienne Bley","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g","caption":"Etienne Bley"},"url":"https:\/\/elbsolutions.com\/projects\/author\/etienne-bley\/"}]}},"_links":{"self":[{"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/posts\/572","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/comments?post=572"}],"version-history":[{"count":13,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/posts\/572\/revisions"}],"predecessor-version":[{"id":2830,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/posts\/572\/revisions\/2830"}],"wp:attachment":[{"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/media?parent=572"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/categories?post=572"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/tags?post=572"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}