Ask a Question related to ASP Database, Design and Development.
-
Steven C #1
DB Rights / Security
Sorry if this is the wrong place for this post... not sure
whether this is IIS security or DB security.
2 boxes both running:
Win2K SP4
IIS5
I have a number of online eQuestionnaire applications that
read/write to the DB. It appears that directory security
of the wwwroot folder is identical for both machines (Web
Anonymous Users has write denied). When I submit using
the form to create records in the DB, my laptop allows it
under that security while my identical desktop says I must
use an updateable query. I know this means that it is a
rights issue.
The question, if I have numerous updateable DBs within
directories beneath the wwwroot, what should I set the
default security to on wwwroot so that the DBs can be
updated but that does not open up other security issues?
Thanks in advance.
Steven C Guest
-
Rights and Security on folders
Hi, I am having an issue with folder rights off of a share. Users have the rights to create folders. But I do not want them to be able to delete... -
Change Ownership and security rights all at once?
Is there a resource kit tool or a third party utility that I can use to do ownership and ACL rights all at once? I have a 700 GB directory that I... -
Cannot export with FH MXa (no rights...(?))
Hi all, I'm trying to create some flash page layout using Freehand MXa. When I need to export to flash swf, I encounter a big problem. An error... -
Adminitrator Rights
Hi Justin, is your PC part of domain or is this home PC? If it is part of domain, Domain administrator might have prevented you from using this... -
user rights
The entries in "user rights assignments" which comes under Local Computer policy-Windows settings-Local policies are greyed out so i cannot make... -
Ray at #2 Re: DB Rights / Security
Whatever account that is accessing the DB, typically IUSR_machine_name needs
to have permissions to modify files, create files, and delete files (in
addition to reading them, of course) in the directory that contains the .mdb
file. If you are not using anonymous access, then the authenticated users
need those permissions.
It's possible that the error you're getting has to do with %temp%
permissions though. Are you using an OLEDB connection string to your
database or ODBC? I've heard that when you use OLEDB you don't have to
worry about %temp% permissions, but I've also seen at least one disagreement
to that. Either way, make sure that your user (whether it's IUSR or your
authenticated users) have read/write permissions to the directory the
database is in (not just the .mdb itself) and use an OLEDB connection
string. ([url]www.connectionstrings.com[/url])
Also, by keeping your .mdb file in the wwwroot area, it is possible for
people to download your database. See here.
[url]http://www.aspfaq.com/show.asp?id=2454[/url]
Ray at work
"Steven C" <mepadre@hotmail.com> wrote in message
news:0cb401c3df86$46af6f60$a301280a@phx.gbl...> Sorry if this is the wrong place for this post... not sure
> whether this is IIS security or DB security.
>
> 2 boxes both running:
>
> Win2K SP4
> IIS5
>
> I have a number of online eQuestionnaire applications that
> read/write to the DB. It appears that directory security
> of the wwwroot folder is identical for both machines (Web
> Anonymous Users has write denied). When I submit using
> the form to create records in the DB, my laptop allows it
> under that security while my identical desktop says I must
> use an updateable query. I know this means that it is a
> rights issue.
>
> The question, if I have numerous updateable DBs within
> directories beneath the wwwroot, what should I set the
> default security to on wwwroot so that the DBs can be
> updated but that does not open up other security issues?
>
> Thanks in advance.
Ray at Guest
-
Steven C #3 Re: DB Rights / Security
Ray,
Thank you for your response. Indeed I am using OLEDB.
Just seem strange that two identically configured
computers would deal with the security differently (i.e.
one allows the write to take place, the other does not).
As for people accessing the DB, both of these machines are
only for development purposes so DB security / potential
for download is not a concern. When I move it to my live
server, the DBs are always stored below the web root.
Thanks for the advice though.
Regards,
Steven
IUSR_machine_name needs>-----Original Message-----
>Whatever account that is accessing the DB, typicallydelete files (in>to have permissions to modify files, create files, andthat contains the .mdb>addition to reading them, of course) in the directoryauthenticated users>file. If you are not using anonymous access, then thewith %temp%>need those permissions.
>
>It's possible that the error you're getting has to dostring to your>permissions though. Are you using an OLEDB connectiondon't have to>database or ODBC? I've heard that when you use OLEDB youleast one disagreement>worry about %temp% permissions, but I've also seen atit's IUSR or your>to that. Either way, make sure that your user (whetherdirectory the>authenticated users) have read/write permissions to theOLEDB connection>database is in (not just the .mdb itself) and use anis possible for>string. ([url]www.connectionstrings.com[/url])
>
>Also, by keeping your .mdb file in the wwwroot area, itsure>people to download your database. See here.
>[url]http://www.aspfaq.com/show.asp?id=2454[/url]
>
>Ray at work
>
>"Steven C" <mepadre@hotmail.com> wrote in message
>news:0cb401c3df86$46af6f60$a301280a@phx.gbl...>> Sorry if this is the wrong place for this post... notthat>> whether this is IIS security or DB security.
>>
>> 2 boxes both running:
>>
>> Win2K SP4
>> IIS5
>>
>> I have a number of online eQuestionnaire applicationssecurity>> read/write to the DB. It appears that directory(Web>> of the wwwroot folder is identical for both machinesit>> Anonymous Users has write denied). When I submit using
>> the form to create records in the DB, my laptop allowsmust>> under that security while my identical desktop says I>>> use an updateable query. I know this means that it is a
>> rights issue.
>>
>> The question, if I have numerous updateable DBs within
>> directories beneath the wwwroot, what should I set the
>> default security to on wwwroot so that the DBs can be
>> updated but that does not open up other security issues?
>>
>> Thanks in advance.
>
>.
>Steven C Guest
-
Ray at #4 Re: DB Rights / Security
Perhaps one of the machines has a FAT file system, hence no security. ?
Ray at work
"Steven C" <mepadre@hotmail.com> wrote in message
news:16df01c3df9d$1f2edbd0$a601280a@phx.gbl...> Ray,
>
> Thank you for your response. Indeed I am using OLEDB.
> Just seem strange that two identically configured
> computers would deal with the security differently (i.e.
> one allows the write to take place, the other does not).
>
> As for people accessing the DB, both of these machines are
> only for development purposes so DB security / potential
> for download is not a concern. When I move it to my live
> server, the DBs are always stored below the web root.
> Thanks for the advice though.
>
> Regards,
> Steven
>
>> IUSR_machine_name needs> >-----Original Message-----
> >Whatever account that is accessing the DB, typically> delete files (in> >to have permissions to modify files, create files, and> that contains the .mdb> >addition to reading them, of course) in the directory> authenticated users> >file. If you are not using anonymous access, then the> with %temp%> >need those permissions.
> >
> >It's possible that the error you're getting has to do> string to your> >permissions though. Are you using an OLEDB connection> don't have to> >database or ODBC? I've heard that when you use OLEDB you> least one disagreement> >worry about %temp% permissions, but I've also seen at> it's IUSR or your> >to that. Either way, make sure that your user (whether> directory the> >authenticated users) have read/write permissions to the> OLEDB connection> >database is in (not just the .mdb itself) and use an> is possible for> >string. ([url]www.connectionstrings.com[/url])
> >
> >Also, by keeping your .mdb file in the wwwroot area, it> sure> >people to download your database. See here.
> >[url]http://www.aspfaq.com/show.asp?id=2454[/url]
> >
> >Ray at work
> >
> >"Steven C" <mepadre@hotmail.com> wrote in message
> >news:0cb401c3df86$46af6f60$a301280a@phx.gbl...> >> Sorry if this is the wrong place for this post... not> that> >> whether this is IIS security or DB security.
> >>
> >> 2 boxes both running:
> >>
> >> Win2K SP4
> >> IIS5
> >>
> >> I have a number of online eQuestionnaire applications> security> >> read/write to the DB. It appears that directory> (Web> >> of the wwwroot folder is identical for both machines> it> >> Anonymous Users has write denied). When I submit using
> >> the form to create records in the DB, my laptop allows> must> >> under that security while my identical desktop says I> >> >> use an updateable query. I know this means that it is a
> >> rights issue.
> >>
> >> The question, if I have numerous updateable DBs within
> >> directories beneath the wwwroot, what should I set the
> >> default security to on wwwroot so that the DBs can be
> >> updated but that does not open up other security issues?
> >>
> >> Thanks in advance.
> >
> >.
> >
Ray at Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
