Deny users to change data through backend

What is the Web execution account :doh:

Hi Folks, I have a ASP.NET Web intranet application that allows users to access tables and add, modify,view, or delete records. The tables, stored procedures are present in SQL 2005 on Windows 2003. Each of my client boxes has SQL Server Management Studio. The authentication mode is Windows. What I want is any user other than administrator should not have permission to change data through back-end. The real question is he should be able to change data only through the front-end application. If he accesses database from the Management Studio he should not be allowed to alter tables and stored procedures. My main concern is would denying permissions on tables in back-end affect the functionality of adding, modifying, and deleting data through front-end. Please help me out. Regards, V1i9n6o7d

Dear all, How can I connect to an Oracle database under Linux from a ASP.Net Web (intranet) application to be hosted on IIS. To summarize the platform is as follows IIS on Windows 2003 - Web Server Oracle 10g under Red Hat Linux - database (Note: database is on Linux platform) Application has been developed in ASP.NET in Visual Studio 2008. What all settings do I need to make to make this application connect to Oracle. Thanx in advance.

Hi all, I am using SQL Server 2000 in my organization. We have several databases. I want to restrict a set of users from accessing other databases using Enterprise Manager. In other words, these users should be able to access only their database where they have been created as users through Enterprise Manager. Now I have read that creating Database specific roles help to restrict access. But unfortunately the role permissions cannot be spanned across databases. Therefore, are any SQL MVPs or intelligent readers out there who can provide me an answer. Many thanx in advance. Regards vinodi

Hi, A very newbie question to all you learned folks. I am writing a trigger through Enterprise Manager (using the option New Stored Procedure...) The following is my code

create trigger trig1 on table1
for insert
as
select * from table2
go

When I check the syntax by pressing the Check Syntax button it says Syntax Ok but when I press the OK button to close the stored procedure editor it states the following error

Error 21001:[SQL-DMO]Stored Procedure definition must include name and text (for StandardStoredProcedure or library name for ExtendedStoredProcedure)

Now the stupid question, how do I write a trigger through SQL Enterprise Manager for a particular table.:mad:

I think you are trying to imitate the OneNote application that comes with MSOffice.

Consider a scenario where a user puts the impersonate element with user name and password in web.config file. If the underlying domain has a policy of changing password every 15 days will impersonation work? May be a dumb question, but what should be done in that case?

Hi, I am trying to authenticate a user by using his Windows credentials on an intranet website. In my web.config I have authentication set to Windows and in IIS I have enabled Integrated Windows authentication on my virtual directory. I am using System.DirectoryServices also I have the following code snippet written in C# DirectoryEntry direntry = new DirectoryEntry("LDAP://DC=xyz,DC=COM",Text1.text,Text2.Text); Try { Object nat; nat = direntry.NativeObject; Response.Redirect("~/Forms/someform.aspx"); } catch(Exception e) { } The above mentioned code works only for a particular username and password and for all others the code throws a System.DirectoryServices.DirectoryServicesCOMException. I do not have any impersonation enabled in my web.config. Any more inputs from my side or is this info sufficient for anybody trying to throw some light on the problem. Thanx in advance.

Thanx Chris :)

Hi, In a web site I want to disallow users to give absolute addresses in the address bar for accessing web pages. Let me illustrate with an example. Suppose my website has three webpages login.aspx,a.aspx, and b.aspx I do not want the users to navigate to a.aspx or b.aspx by giving the following url in the address bar http://www.mywebsite.com/a.aspx or http://www.mywebsite.com/b.aspx Login.aspx is the startup page of the website. They should be able to access this web pages only if they have logged in. Regards Vinod

Hi, I want to create a report in Excel through an ASP.NET application. What is the approach that I need to take. I will be picking up the necessary data from a database server and arranging the data in required cells with proper formatting.

Thanx a lot. It worked. :-D

Yeah, back to the "Bronzed" look. I also lost my "Silver" sheen over this weekend. :-D

Hi, I have the directory named NDP on my local machine (named PC4) which is in a domain. On my domain server, I have IIS 6.0 (windows 2003) and database server. I have the following sample code protected void Button1_Click(object sender, EventArgs e) { Label1.Text = ""; DataTable dt = new DataTable(); StreamReader sr = new StreamReader(@"\\Pc4\C$\NDP\Test1.csv"); string line; while((line = sr.ReadLine()) != null) { Label1.Text += line; } I have impersonate="true" in web.config file. The authentication mode is WIndows Integrated authentication. I have given permissions to ASPNET accounts and Windows accounts for the NDP folder. Can I read this .csv file? Because it is giving me error. I have also this code. protected void Page_Load(object sender, EventArgs e) { String username = System.Security.Principal.WindowsIdentity.GetCurrent().Name; Label1.Text = username; } When executed it gives me the name of the user through which I have logged in but does not give access to my shared folder. Totally stumped. Any Solutions???:confused:

Read through the scenario. client A wants to read files from another client B present in the same network. But this reading should be done through a ASP.NET web application . In other words a client should be able to read a text file present on another client in the same network. This scenario would be applicable in an intranet application. The thing to note is that the path of client B would be present in the server. The client A would pick the path from the server and navigate automatically to client B, hunt down the necessary folder and read the text files and store the necessary data in a database. Here is the code on which I am working protected void Button1_Click(object sender, EventArgs e) { DataTable dt = new DataTable(); StreamReader sr = new StreamReader(@"\\Pc4\C$\NDP\Test1.csv"); string line; while((line = sr.ReadLine()) != null) { Label1.Text += line; } } The client A when he executes this code is intending to access another client B (Here it is PC4 in the same domain). The code resides on server in Win 2K3 box. I have identity impersonate="true" in web.config. In the Directory security I have Anonymous Access and Windows Authentication turned on. So the basic flow is Client A User requests through browser an aspx file residing on the server. On the form provided by the aspx file he clicks on the button to open a file in a location specified in the above mentioned code. This location is present on a machine (named PC4) which belongs in the same domain as client A. The NDP folder mentioned in the path is also shared and contains access permissions for user account who is making request as client A. When I click on the button, it gives me a HTTP 404 error - stating File or Directory not found. In the address bar I get to see http://192.168.0.1/abtsweb/Genericerrorpage.htm?aspxerrorpath=/abtsweb/readingtextfile.aspx Now what should be done in this case.

I have identity impersonate="true" in web.config. In the Directory security I have Anonymous Access and Windows Authentication turned on.

V.Anand from India does not have such whimsical peculiarities. A very down-to-earth chess player with no tantrums and baggage associated with him.

Right Click on the aspx file in Solution Explorer. Choose Browse with... option. Select your browser. oops I nearly forgot. You can press the Set as Default button to make it default browser for your .net applications

Read through the scenario.

client A wants to read files from another client B present in the same network. But this reading should be done through a ASP.NET web application . In other words a client should be able to read a text file present on another client in the same network.

This scenario would be applicable in an intranet application. The thing to note is that the path of client B would be present in the server. The client A would pick the path from the server and navigate automatically to client B, hunt down the necessary folder and read the text files and store the necessary data in a database.

This was my earlier post yesterday. I intend to carry this forward for gathering more insight. Here is the code on which I am working protected void Button1_Click(object sender, EventArgs e) { DataTable dt = new DataTable(); StreamReader sr = new StreamReader(@"\\Pc4\C$\NDP\Test1.csv"); string line; while((line = sr.ReadLine()) != null) { Label1.Text += line; } } The client A when he executes this code is intending to access another client B (Here it is PC4 in the same domain). In my web.config I have . The code resides on server in Win 2K3 box. This program works fine when I am executing it from the server, but fails from a client. Any pointers or are further clarifications required?

Read through the scenario. client A wants to read files from another client B present in the same network. But this reading should be done through a ASP.NET web application . In other words a client should be able to read a text file present on another client in the same network. This scenario would be applicable in an intranet application. The thing to note is that the path of client B would be present in the server. The client A would pick the path from the server and navigate automatically to client B, hunt down the necessary folder and read the text files and store the necessary data in a database.