I have a remote hosted website with a MySQL database.
I am trying to access that database from a small C# program.
What I've tried:
Referencing the MySQL DLL in the project
Using MySQL connection strings
Disabling my firewall
Adding my IP address to the Remote MySQL Databases in the site's cPanel
What I'm getting:
Access denied for user blabla#mycomputerip in the Visual Studio console
What boggles my mind:
How can I find out if my webhosting service allows remote connections to the DB?
Do I really need to connect with PuTTy to the server and tweak the configs?
^ if so, do I even have access to do that?
LATER EDIT:
Interesting enough. If I do
GRANT ALL PRIVILEGES ON *.* TO 'myuser'#'%' WITH GRANT OPTION;
it throws me this:
#1045 - Access denied for user 'blabla'#'localhost' (using password: YES)
Common sense should tell you that my username is not actually 'blabla'.
LATER LATER EDIT:
I don't have privileges to CREATE USER, nor do I have SSH access via PuTTy or so.
Does this basically mean that it's my hosting's fault that I can't connect from a remote location to the DB?
Have a look at the users in your mysql database. A couple things to check:
With cPanel on shared hosting, if you create a user named blah the actual name of the user in mysql is often unixusername_blah. This is done automatically to prevent MySQL user name conflicts between different cPanel accounts sharing the same MySQL server.
With MySQL you can define which hosts a user is allowed to connect from. Is the new user you defined allowed to connect from your IP?
ETA:
Might want to have a look at the permissions for that user account and make sure appropriate permissions are granted. You can do this by running the following in phpMyAdmin or at the console:
SHOW GRANTS FOR 'something_root'#'localhost'
And compare the grants you see there to what you get here:
SHOW GRANTS FOR 'something_root'#'%'
Finally, depending on your hosting environment you may not have permissions to create new users or expand their privileges enough to be able to do this. This would be particularly likely if you have a shared hosting account.
How can I find out if my webhosting service allows remote connections?
It's better ask your whebhosting proveder, some allows remote connections, other no.
If they allow remote connections you may have to configure which hosts a user is allowed to connect from or, add a wildcard % to allow connections from any host.
Check if your hosting service allows connecting to its database server from outside its network.
Some hosting companies like GoDaddy, by default, don't allow this.
Also, you need to create a database user and assign permissions to it, through your preferred database administration tool.
reset mysql user password and then try again
http://dev.mysql.com/doc/refman/5.1/en/resetting-permissions.html
Related
I created a desktop application which runs with SQL Database. In my machine installation runs perfect. When installing in other machines it do not. Message is:
Cannot open database “verticaladminmod” requested by the login. The login failed. Login failed for “Fina-PC\Fina”
My machine:
Name “MI_PC-PC”
Owner: “MI_PC-PC\MI_PC”
Database: “verticaladminmod”
Connection string:
Data Source=localhost;Initial Catalog=verticaladminmod;Integrated Security=True
Windows 7 64 bit
SQL Server 2014 Express, instance “SQL Server (MSSQLSERVER)”
Other machine installation:
Name “FINA-PC”
User Name: “Fina-PC\Fina”
Windows 7 32 bit
SQL Server 2012 Express, instance “SQL Server (MSSQLSERVER)”
Already understand it should be a matter of credentials, but after several attempts could not get to make it work. Need specific orientation with detailed steps if possible in order to configure where needed looking forward to resolve this issue and understand it in depth as well. Thank you so much!
First, the connection string needs to point at the correct machine (FINA-PC rather than localhost). In some cases you need an instance there, as well (ie FINA-PC\MSSQLSERVER), but with the default instance you can skip the instance name. This is why localhost worked in the original connection string.
Once that is fixed, we can talk about authentication. If you want integrated security to work across machines you also want to have an Active Directory domain. If you don't have an Active Directory domain, you want to switch to SQL authentication.
SQL authentication requires you to create a user ("login", in Sql Server parlance) in the database with it's own username and password you can put in the connection string. Do not use the sa account for this. You must also then be very careful with how you store the connection string, or any decompiler will show the credential and provide full access to your DB. Once you have the new login and connection string, you must also grant permissions for the account to do the operations you need within your database.
Please forgive me if the title is not correct. I am still trying to understand how this works.
I have installed MySQL workbench and the MySQL server on my laptop. I have successfully created a database that store driver details, as per the picture.
I can access this info only one my laptop. However, I would also like to access this info from other PC's. I was thinking of having the main database in a secured room and then connecting about 3 additional PCs to the main database.
I have also written a simple c# script on Visual Studio that runs on my main laptop where the database is stored. This script just allows a user to enter his username and password and then displays the contains of the database (the table in the database) on a datagrid view. I have included the SQL injection code to prevent unwanted characters. This application also allows the user to insert, update, and delete info from the database provided the user that logs in has these privileges granted.
Now I would also like to run this application on the other 3 PC's, but obviously I have a problem. This problem is these PC's cannot access the main database. The main database user has privileges that allow him to alter the database but the other uses that are located in the access points to do not have this privilege. All they can do it enter their username and password and see the data from the database been displayed on the datagrid view.
So my question is how do I grant access to these other three PC's to access the main database?
MySQL Workbench and MySQL server is so far only installed on my laptop and not on the other 3 PC's.
Database users
Error message
The entire point of database technology is to allow multiple clients to access the same server and share the same data. (Actually there's another point: the ability to handle vast amounts of data. But that's not your problem right now.)
Here's what you need to do.
Get MySQL server software set up on a server in your server room. Find out the hostname of that server.
Log in to that server using MySQL Workbench. It asks you for the hostname.
Use Workbench to migrate your data from your localhost MySQL server to the one in the server room. Workbench has decent features to help you do that.
Create a mysql account on the shared server that just has access to the database you just created. Keep in mind that MySQL users look like this: 'david'#'localhost' or 'david'#'*' or 'mickey'#'*.animation.disney.com'. That is, they specify both the username and the machine the user runs on.
Change your C# connection string to mention the shared server's hostname and the account you just created.
myConnectionString = "server=shared.example.com;uid=root;pwd=12345;database=test";
Somehow tell the other users of your app to use this connection string.
There's another, simpler but less robust, way to do all this. Make sure your laptop has its own hostname. I dunno, david.example.com maybe? Ask your local LAN or VPN administrator. Or just use your laptop's IP address in place of a hostname. Then put that hostname into your connection string. Then other users of your application can hit the MySQL server on your laptop. But, if you switch off your laptop and take it home they'll lose access.
I have created a windows service to monitor receive location and send port events i.e. start/stop/enabled/disabled/enlisted/unenlisted for a local BizTalk server machine using a WMI ManagementScope class scope:
string strScope = #"\\.\root\MicrosoftBizTalkServer";
But when I try pointing at a remote machine/server to capture events using:
string strScope = string.Format(#"\\{0}\root\MicrosoftBizTalkServer", node.Address);
I receive an odd WMI error. The typical remote machine I am trying to point towards is a similar windows server with one small distinction that its BizTalk server is pointing to a SQL server located on yet another server within the network.
After a lot of googling and searching, I came across information pointing at a possible cause of failure being the classic "Double-hop" issue which occurs when we try to access remote BizTalk server when its SQL server is on another machine.
Within visual studio I was not getting enough information on the error that I tried a windows built-in tool "wbemtest.exe" to troubleshoot what was going on only to uncover a long error message such as this:
BizTalk Server cannot access SQL server. This could be due to one of the following reasons:
\n1. Access permissions have been denied to the current user. Either log on as a user that has been granted permissions to SQL and try again, or grant the current user permission to access SQL Server.
\n2. The SQL Server does not exist or an invalid database name has been specified. Check the name entered for the SQL Server and database to make sure they are correct as provided during SQL Server installation.
\n3. The SQL Server exists, but is not currently running. Use the Windows Service Control Manager or SQL Enterprise Manager to start SQL Server, and try again.
\n4. A SQL database file with the same name as the specified database already exists in the Microsoft SQL Server data folder.
\n
\nInternal error from OLEDB provider: \"Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.\""
I have tried playing with Firewall and DCOM setting under Administrative Services -> Component Services but no setting is working for me to pass on my user's credentials via "impersonation" and retrieve back receive location / send ports information.
Please share a workaround/solution/configuration settings that actually addresses this issue.
After a lot of research and thorough study, the solution was achieved via enabling / configuring Kerberos authentication for the non-domain admin. service account user and machines involved in communication i.e. client (machine sending WMI based request), Biztalk node (machine responding to the WMI based request) and SQL Server node (machine hosting / running SQL Server database engine service and most importantly Biztalk's databases which include messagebox, tracking, management and SSO).
This was all done under a single domain and delegation was setup for both the Biztalk node and SQL Server node along with the service account used.
DCOM permissions were granted to the service account for WMI and DTC(Distributed Transaction Coordinator) permissions were setup.
Appropriate SPNs were generated and appropriate SQL Server permissions were granted to the service account initiating WMI request in delegation mode.
Verified that Kerberos was enabled for the particular service account using the following SQL query:
select session_id,net_transport,client_net_address,auth_scheme from sys.dm_exec_connections
This is a double hop issue only, the problem you are facing is because you are trying to run a service and access remote server BizTalk server, which is then trying to logon to a remote SQL server. Your credential only reaches to BizTalk server but BizTalk server does not pass your credentials to another server.
Refer to this link for solution
Similar Issue
I have used the ASP.net with C#. I want to access the SQL Server database through web server. When executing my application from development area it's working but after deploy the application to the IIS server it shows the following exception:
CREATE DATABASE permission denied in database 'master'. An attempt to
attach an auto-named database for file D:\newtest\newtest.mdf failed.
A database with the same name exists, or specified file cannot be
opened, or it is located on UNC share.
I have used the following connection string to attached with database
Data Source = .\\SQLEXPRESS;AttachDbFileName=databasepath; Integrated Security=true
How do I access the SQL Server database Remotely through IIS?
Although the answer by Sanjay is correct, it doesn't really explain why you're getting the permission denied.
Code running in ASP.NET / IIS runs as a specific user, as defied in the worker process' config. For IIS 6 [Server 2003] (and below, I think) the default was NETWORK SERVICE for IIS 7+ [Server 2008], the default behavior is to run as a special application pool user IISAPPPOOL\yourAppPoolName.
If you grant the requisite permissions on your database for the correct user account(s) -- you should be able to get around the error and still use integrated security.
As an aside, it is generally a good idea to give the most restrictive (yet still operable) set of permissions on your database. CREATE DATABASE requires a pretty high permission level (I don't remember what off the top of my head.) If you grant that to your IIS application, you run a significant risk of allowing a less than honorable user taking control of your database system and wreaking havoc on it.
Hey Create Credential with SQL server and update your config file
connectionString="Data Source=Abcl\SQLEXPRESS;Initial Catalog=master;User ID=sa;Password=pwd12" providerName="System.Data.SqlClient"
if your are using db file like mdf
Pls use like this
connectionString="AttachDbFilename='C:\Documents and Settings\nmartin\My Documents\PS_Upload\TimeTrack\src\TimeTracker\TimeTrack\App_Data\ASPNETDB.MDF';Integrated Security=True; User Instance=True"
They key is that you've used Integrated Security=True in your conneciton string.
When you run your project in your development environment, the web application usually runs as your local user account. Furthermore, your account is usually a privileged user (admin) on the local SQL instance.
On your deployment server, IIS usually runs as a local machine account (or an account provisioned for your AppPool). That account usually doesn't have any special privileges on the SQL server instace.
As debracey points out, you normally don't want to have your app's SQL privileges high enough to cause any harm (even if it's an honest mistake on your part). One common pattern to avoid tihs is to have two separate SQL accounts for your app:
A high-priviledged account for creating and modifying your database schmea (e.g. db_owner role)
A limited-privilege account for accessing your database while your app runs (e.g. db_datareader and/or db_datawriter role)
I'm developing a C# application that needs to connect to a file share (using a service-level account) to download images.
The problem I'm encountering is that the users already have a set of credentials on that share's server that they use for other shares. It's like if you have a share mapped to a drive, you can't log into another share on the same server with different credentials. So when I try and log on with separate credentials for this app's share, I get:
"error 1219: Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again."
The code I'm using to try and connect to the share from this example, it uses the WNetUseConnection function.
Any ideas? Thanks.
edit: I've found a workaround for this, I just connect with the host IP address instead of the host name.
Make sure you are disconnecting the user once they are done, otherwise it is crowding the server and it can't allow same user anymore. Restart the server and close all connection after each usage.