Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 2 years ago.
Improve this question
I get error "Insufficient privileges to operate on user" when I run drop user SNOWFLAKE.
Is that a special user in snowflake?
Thanks
Query ID: 0193baea-0044-27e5-0000-0f4d000f339a
I have disabled, and dropped support users in the past, but the long and short of it is, they have quite tight protocols over accessing customer accounts. And if they need to access your account they just create new accounts. So it is not like "you can keep them out", they are running the matrix as such..
I believe this is a system user, yes. If you run SHOW USERS you'll see that it was created at the time when your snowflake environment was set up, and that the user has no password and has probably never been logged in. Also, you cannot user DESCRIBE USER for this user as with normal user defined users.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 years ago.
Improve this question
So I have created a WPF with a local DB, however for billing I get the users to log into the WPF application which uses an API I made to check their subscription status.
Everything is working smoothly however I have been requested if there can be a 'remember me' autologin feature as the app runs in their business daily and they don't want to log in every morning.
I want to do this but I'm a bit lost as to the correct procedure or pathway or what is the right direction.
as a note: there isn't any sensitive data etc so leaving it easy to access isn't really the end of the world.
Options that I can think of:
User logs in and has "remember me" ticked:
1.
login is verified and API key is saved into registry
Next boot, if there is a value in registry for API, check this works to access data. If not, re run login.
IF apikey were found in registry.. there isn't much that it can be used for unless the person knows all my API endpoints etc.. which are all PUT, no delete or even get..
Store actual username and perhaps a bcrypt of the password in registry
I don't like this method as it means the user and pass are out in the open and can be used in the program directly, whereas the API can't be used in the program, just externally if someone wanted to go to the effort of coding it all!
Anyway, thats all I can think of to bypass a login screen.
I'm sure there is a better way and hopefully someone can point me in the right direction.
I would go with option 1. That way you're never storing the user creds, and you can revoke access server side if necessary by invalidating the cached API key.
Check out the DPAPI for storing secrets locally. It lets you encrypt data based on the current Windows user, so other users won't be able to decrypt even if they can access the data in eg registry.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
(Submitting the following on behalf of a Snowflake User)
I'm looking to find a way to force MFA on all accounts, but understand that this can only be accomplished on a user-by-user basis. Is there any way to set it so that all users must use MFA?
Can anyone recommend a script that does this for all users?
Any recommendations (or alternatives) would be greatly appreciated! THX!
There is no mandatory opt-in for MFA as of now but a feature request for central MFA administration is in process. To identify those users who have not enrolled, one can use login_history/login_history_by_user information schema views to highlight those users. Specifically, when the column 'SECOND_AUTHENTICATION_FACTOR' is NULL, we know users have not enrolled in MFA.
Reference:
login_history
There is the option MINS_TO_BYPASS_MFA that gives people time to login, and enable MFA themselves, and if they don't they are locked out.. so you tell them, log in and set it up...
MFA docs
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions concerning problems with code you've written must describe the specific problem — and include valid code to reproduce it — in the question itself. See SSCCE.org for guidance.
Closed 9 years ago.
Improve this question
I am creating a database for IS, so where should I keep user's IP address - in a table "users" or somewhere else? (for example, "comments" table etc)
Keeping the IP of the user is a security measure to protect againts session hijacking, so it makes sense that you store it inside your session. If sessions are saved in the database, the session table is the place where I would add the IP column.
It depends of the essence and the meaning this data holds in the system. As long as you know that a client with DHCP configuration might have a different IP address every time he access your site
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I am a healthcare provider and am changing billers for insurance claims and have requested a copy of existing data from the previous biller. The previous biller provided me with a .rpt that was created with a program called EDI Claims V64.1by EDI Healthclaims Network (antiquated program and the company is out of business).
The file is an old version of Crystal Reports and the current SAP reader did not work. I finally found a report reader that tried to open the file, but was then prompted for a password with username "admin". Previous biller does not have the password and is not sure why it is requested when trying to view the report. She also claims that there is no way to export reports in another format (excel, CSV, XML, etc) using her program. (I am skeptical of this claim, but have yet to see the program and check.) She is now saying she would have to print out the 250 page report and give me a hard copy (charging me of course), but a hard copy is not very helpful.
I am no tech flunkie, but am no programmer or database guy. I am also new in my business endeavor and the person I use for IT help is unable to help with this very important matter. If anyone has any direction or guidance about how to access the data, or someone to direct me to pay to help resolve this situation, I would be extremely grateful.
Thank you in advance.
Patrick
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 2 years ago.
Improve this question
I'm currently developing a small application in WPF for us at work though I'm not a professional software engineer, so this might be obvious. However, I cannot find an answer to my question (maybe I used the wrong keywords)
Anyway, our computers are setup so that we need to log on through Novell Client for Windows. The password from the Novell account is synced with the Windows 'Administrator' account. Thus, effectively, everyone is Administrator on his machine. Novell is used to authenticate against a local Fileserver.
The problem now is, when I try to get the Username in my application using Environment.Username or any other method, I will only ever get 'Administrator' as the logged in user.
Question: How can I get the Novell username from my WPF application?
Thanks in advance
A bit late with the answer but I believe you will find the name of the current user logged into Netware or NDS in the windows registry if you do a search.