+1-888-365-2779
Try Now
More in this section

Forums / Set-up & Installation / Overcoming "User Instances" Limitations

Overcoming "User Instances" Limitations

5 posts, 0 answered
  1. Jeff
    Jeff avatar
    124 posts
    Registered:
    05 Aug 2007
    17 May 2008
    Link to this post
    When using the ASPNET account to access a SQL Express 2005 database, only one process can access the databas at a time.

    When Sitefinity is running, if I try to open the Sitefinity database in SQL Management Studio, I get an error.

    This is going to be a problem for me. I was wondering if SQL authentication (as opposed to Windows authentication) can overcome this limitation.

    Also, from a security standpoint, is one method better than the other?

    Thanks.
  2. Jeff
    Jeff avatar
    124 posts
    Registered:
    05 Aug 2007
    18 May 2008
    Link to this post
    OK, I answered the first question myself. I set up a SQL user, changed the connection string in the web.config of my project and I'm up and running.

    I'm still interested in security implications.

    Here are two bonuses I can think of for Windows Authentication:

      *  Microsoft suggests to use Windows authentication so that connection strings with passwords aren't lying around.
      *  With User Instance, no other process can modify the database while Sitefinity is live.

    Also, under SQL Authentication, what roles does Sitefinity need? sysadmin? serveradmin? securityadmin? I only want to enable the roles Sitefinity needs.

    Thanks,
    Jeff
  3. Nikifor
    Nikifor avatar
    232 posts
    Registered:
    18 May 2013
    20 May 2008
    Link to this post
    Hi Jeff,

    Sitefinity also supports the so called Integrated Security. This means that there is another way for getting a database access without exposing any passwords, users and such information. If you decide to try it, you should go through the following two steps:

    1. Set your project's connection string that you will use Integrated Security for authentication like this:
    <connectionStrings> 
    <add name="Sitefinity" connectionString="data source=localhost\sqlexpress;Integrated Security=SSPI;initial catalog=DBtest" 
    providerName="System.Data.SqlClient" /> 
    </connectionStrings> 

    2. Add the account under which the ASP.NET process is running as a db_owner in the SQL Management Studio.

    Hope that this answers your last question too. Please do not hesitate to ask if you have any further thoughts.

    All the best,
    Nikifor
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  4. Jeff
    Jeff avatar
    124 posts
    Registered:
    05 Aug 2007
    24 May 2008
    Link to this post
    OK, that works too.

    I guess I have some catching up to do on MS SQL Express. I migrating from MySQL where none of these logins are an option!

    I'd still like to know what server roles Sitefinity needs for the ASPNET user. It's a public-facing server so I don't want to give ASPNET any more power than it needs!

    Thanks for all your help.

    Jeff
  5. Nikifor
    Nikifor avatar
    232 posts
    Registered:
    18 May 2013
    26 May 2008
    Link to this post
    Hi Jeff,

    Unfortunately, the only "must" for the access permissions is that Sitefinity requires a db_owner right to the database. Otherwise, you would not be able to use it at all. This is part of Sitefinity's core structure and cannot be overridden.

    Regards,
    Nikifor
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
Register for webinar
5 posts, 0 answered