Authorization

Hi,

How to develop the application will run under user who have permission to view the reports.

When multiple users are accessing reports for example in this case i have 5 users.

could anyone help to me.

regards

kumar

first i have some question are the user in Domain or not if so then you can give each user the privileges on the reports you want on the reporting service

and by code you get the identity of the user in the context and then he will gain the privileges on the reports he can view

this is a great article which explain how you can do this

http://msdn2.microsoft.com/en-us/library/ms159846.aspx

http://msdn2.microsoft.com/en-us/library/ms159778.aspx

sql

Authentication in SQL Server

Hi folks,

Got a massive problem.
I'm starting to develop a new website using ASP.NET v3.5 (the CTP of Microsoft's new Visual Web Developer "Orcas"). I saved the project onto a network drive (called X: for the purposes of this discussion) - X:\Orcas_WS\VVProject.
Set up a new database and table to upload files from an ASP.NET AJAX form to a database table, fields as follows:
[ImgID] - type int, Identity field, auto-increment of 1;
[GallID] - type int;
[GallPos] - type int;
[ImgContentType] - type nchar(10);
[ImgContent] - type image (binary data);

Worked a dream when running the development server on my laptop and using my own username and password to upload stuff to (in connection string, using Integrated Security = SSPI).
Have now uploaded this to a live server, installed .NET Framework v3.5 on my server, (attempted to) enable IUSR_MACHINE account to have read/write access to my DB and now it's all gone to pot. None of my accounts can authenticate against this DB using .NET - whether it's NETWORK SERVICE, or IUSR_CM-SUMM, even my own username and password, with Integrated Security both set to SSPI and False.
I am now getting intermittent errors where login will either succeed but .NET will try and use named pipes and says "there is nothing on the other end of the pipe" with an event 3005 in my event log, or I get an "login failed for user (username)" message and a failure audit in my event log.

I read up somewhere about having to deregister the Service Principal Name to avoid auth errors (which is what seems to be happening), but having trawled Microsoft's website for hours, there seems to be no documentation or instruction on how to deregister an SPN.

Please help folks, this project is financially lucrative and I want to make a fantastic impression on the client with a low development time overhead!

Many thanks in advance,

medicineworkerAdmin, please close thread, problem sorted - my MS SQL Server was being stoopid, my schema permissions had (rather strangely) been entirely wiped out... lol, have fixed.

Cheers!

Audit Records

One of the requirements for an application I helpping to develop is
providing audit records of add, updates and deletes including the user who
added, updated and deleted. This application is being sold commerically to
users who have different requirements including not needing audit records.
I was thinking that this could best be done using triggers, having first
requiring the the userid be updated each time. The trigger could simply
copy the row to an audit table for each insert and update. If the user does
not require auditing, don't install the triggers. If the user wishes audit
records only when certain columns have chanaged, then use the if
updated(column_name) logic.
It's the deletes I am having a problem with. I can certainly copy deleted
rows to the audit table, but how would I be able to include the userid of
the user initiating the delete?Inside your delete trigger, you can use USER_NAME() when you go to insert
the deleted row into your audit table.
Tom
----
Thomas A. Moreau, BSc, PhD, MCSE, MCDBA
SQL Server MVP
Columnist, SQL Server Professional
Toronto, ON Canada
www.pinnaclepublishing.com
.
"Robert E. Flaherty" <bobflaherty@.charter.net> wrote in message
news:eun5$ZYMFHA.2384@.tk2msftngp13.phx.gbl...
One of the requirements for an application I helpping to develop is
providing audit records of add, updates and deletes including the user who
added, updated and deleted. This application is being sold commerically to
users who have different requirements including not needing audit records.
I was thinking that this could best be done using triggers, having first
requiring the the userid be updated each time. The trigger could simply
copy the row to an audit table for each insert and update. If the user does
not require auditing, don't install the triggers. If the user wishes audit
records only when certain columns have chanaged, then use the if
updated(column_name) logic.
It's the deletes I am having a problem with. I can certainly copy deleted
rows to the audit table, but how would I be able to include the userid of
the user initiating the delete?|||Thanks for the reply. All of the actions are going through an ISAPI DLL
with using standard user id and password. The user's id (which is an
application id and not a MS SQL Server login/userid) is passed on to the
database server as just another data element.
"Tom Moreau" <tom@.dont.spam.me.cips.ca> wrote in message
news:uKURYdYMFHA.2680@.TK2MSFTNGP09.phx.gbl...
> Inside your delete trigger, you can use USER_NAME() when you go to insert
> the deleted row into your audit table.
> --
> Tom
> ----
> Thomas A. Moreau, BSc, PhD, MCSE, MCDBA
> SQL Server MVP
> Columnist, SQL Server Professional
> Toronto, ON Canada
> www.pinnaclepublishing.com
> .
> "Robert E. Flaherty" <bobflaherty@.charter.net> wrote in message
> news:eun5$ZYMFHA.2384@.tk2msftngp13.phx.gbl...
> One of the requirements for an application I helpping to develop is
> providing audit records of add, updates and deletes including the user who
> added, updated and deleted. This application is being sold commerically
> to
> users who have different requirements including not needing audit records.
> I was thinking that this could best be done using triggers, having first
> requiring the the userid be updated each time. The trigger could simply
> copy the row to an audit table for each insert and update. If the user
> does
> not require auditing, don't install the triggers. If the user wishes
> audit
> records only when certain columns have chanaged, then use the if
> updated(column_name) logic.
> It's the deletes I am having a problem with. I can certainly copy deleted
> rows to the audit table, but how would I be able to include the userid of
> the user initiating the delete?
>|||In that case, you'll have to manage that through a stored proc whereby you
feed the proc the user info.
Tom
----
Thomas A. Moreau, BSc, PhD, MCSE, MCDBA
SQL Server MVP
Columnist, SQL Server Professional
Toronto, ON Canada
www.pinnaclepublishing.com
.
"Robert E. Flaherty" <bobflaherty@.charter.net> wrote in message
news:uuTXcoYMFHA.3336@.TK2MSFTNGP09.phx.gbl...
Thanks for the reply. All of the actions are going through an ISAPI DLL
with using standard user id and password. The user's id (which is an
application id and not a MS SQL Server login/userid) is passed on to the
database server as just another data element.
"Tom Moreau" <tom@.dont.spam.me.cips.ca> wrote in message
news:uKURYdYMFHA.2680@.TK2MSFTNGP09.phx.gbl...
> Inside your delete trigger, you can use USER_NAME() when you go to insert
> the deleted row into your audit table.
> --
> Tom
> ----
> Thomas A. Moreau, BSc, PhD, MCSE, MCDBA
> SQL Server MVP
> Columnist, SQL Server Professional
> Toronto, ON Canada
> www.pinnaclepublishing.com
> .
> "Robert E. Flaherty" <bobflaherty@.charter.net> wrote in message
> news:eun5$ZYMFHA.2384@.tk2msftngp13.phx.gbl...
> One of the requirements for an application I helpping to develop is
> providing audit records of add, updates and deletes including the user who
> added, updated and deleted. This application is being sold commerically
> to
> users who have different requirements including not needing audit records.
> I was thinking that this could best be done using triggers, having first
> requiring the the userid be updated each time. The trigger could simply
> copy the row to an audit table for each insert and update. If the user
> does
> not require auditing, don't install the triggers. If the user wishes
> audit
> records only when certain columns have chanaged, then use the if
> updated(column_name) logic.
> It's the deletes I am having a problem with. I can certainly copy deleted
> rows to the audit table, but how would I be able to include the userid of
> the user initiating the delete?
>|||That is along the lines that I was thinking. The stored procedure designed
to delete a row would first update the UpdatedBy column with the user id of
the user requesting the deletion. The proc would then delete the row. A
trigger could then copy the row to an audit table.
I was wanting to know if there was a better way and/or more standard way of
doing this.
"Tom Moreau" <tom@.dont.spam.me.cips.ca> wrote in message
news:eGGQuuYMFHA.2420@.TK2MSFTNGP10.phx.gbl...
> In that case, you'll have to manage that through a stored proc whereby you
> feed the proc the user info.
> --
> Tom
> ----
> Thomas A. Moreau, BSc, PhD, MCSE, MCDBA
> SQL Server MVP
> Columnist, SQL Server Professional
> Toronto, ON Canada
> www.pinnaclepublishing.com
> .
> "Robert E. Flaherty" <bobflaherty@.charter.net> wrote in message
> news:uuTXcoYMFHA.3336@.TK2MSFTNGP09.phx.gbl...
> Thanks for the reply. All of the actions are going through an ISAPI DLL
> with using standard user id and password. The user's id (which is an
> application id and not a MS SQL Server login/userid) is passed on to the
> database server as just another data element.
> "Tom Moreau" <tom@.dont.spam.me.cips.ca> wrote in message
> news:uKURYdYMFHA.2680@.TK2MSFTNGP09.phx.gbl...
>

Attaching files

I have just started using ASP.net.
I have to develop a system that attaches word and PDF files to form. I also need to be able to do a full text search on the documents attached.
I'm currently using SQL server 2000 as my backend DBMS, but I have never used it to attach files. My mates recommend using BLOGS but I'm not sure how to do this and I'm not sure if I can do a full text search using this solution.
Could some body please recommend a solution to get me started.
Thanks in advanced
PaddyYou have two requirements because Word and PDF files are better stored as IMAGE while FULL TEXT uses TEXT and NTEXT. FULL TEXT is an add on to SQL Server dependent on Microsoft Search and the Catalogs must be populate to get search results. Run a search for FULL TEXT, CONTAINS, CONTAINSTABLE, FREETEXT and FREETEXTTABLE in the BOL(books online). Hope this helps.