I have a database hosted in a remote server that I'd like to connect to PhpStorm. This URL is protected by a login system handled through .htaccess/.htpasswd, and thus PhpStorm can't achieve to connect to the URL.
Is there a way to specify the credentials defined in my .htpasswd to PhpStorm, so it authenticates to it before trying to access the database?
Related
I have a VNET configuration in Azure with the following subnet configuration
subnet1 - 10.16.1.0/24 - VM's
subnet2 - 10.16.2.0/24 - Database
subnet3 - 10.16.3.0/24 - PowerBI Access
subnet2 has Azure SQL server with firewall no public access
subnet3 has been enabled for PowerBI private endpoint as per steps here
https://learn.microsoft.com/en-us/power-bi/admin/service-security-private-links
I login to the VM download PowerBI desktop connect to the database create a report. I publish the report to PowerBI Service.
I am able to access the Azure SQL from PowerBI Desktop and from the VM using "Microsoft SQL Server Management Studio"
When I log in to PowerBI Service and provide credentials for the database access, I cannot access the database.
The error I am getting from powerBI service
Configure database
Failed to update data source credentials: Reason: An instance-specific error occurred while establishing a connection to SQL Server. Connection was denied since Deny Public Network Access is set to Yes (https://learn.microsoft.com/azure/azure-sql/database/connectivity-settings#deny-public-network-access). To connect to this server, use the Private Endpoint from inside your virtual network (https://learn.microsoft.com/azure/sql-database/sql-database-private-endpoint-overview#how-to-set-up-private-link-for-azure-sql-database).
If I set
Deny Public Network Acces to No
and set
Allow Azure services and resources to access this server to Yes
Then I can connect to the database from any subscription using the private link, userid & password
With the setting
Deny Public Network Acces to No
Access from Azure Data Factory is not an issue, as I can create a privatelink to the database from ADF and use that connection.
Appreciate any help
How can I enable the connection from PowerBI Service
If you want to keep your settings on Azure SQL as private and not have to manage the firewall, you'll have to install an on-prem gateway to the VM.
I've also been trying to find another route as well, and since the Power BI service is in the cloud there's no way to have it join the private Azure VNET without have a gateway installed on a node that is inside of the network.
You can find the instructions here: https://learn.microsoft.com/en-us/power-bi/connect-data/service-gateway-onprem
I have one machine running IIS10, another machine running SQL Server Express. I have create an ASP.NET Razor pages web application. All machines are Windows 10 pro.
I cannot for the life of me figure out how to take the credentials from the web app, pass to IIS, and pass to SQL Server. I want to manager access to SQL Server at the user level, not the IIS DefaultAppPool identity.
Has anyone done this before?
Are you trying to pass the user's network login to the database instead of using a dedicated DB account? I think you need a trusted connection.
Grant your users access to your DB
Disable anonymous access in IIS and set the site up SSL
In your connection string set the Trusted_Connection property to true
Connection Strings
If the user is on any browser except IE, they'll probably be prompted for their credentials.
Background:
ASP.Net MVC website. Hosted on IIS7, intranet.
Database: SQL Server. Accessed via NHibernate.
In the connection string, access is set to Integrated Security: SSPI.
(Permissions to DB are Active-Directory-based.)
In short, this is a typical double-hop situation,
where I need to pass client's credentials to IIS, and from IIS to SQL Server.
The Problem:
The problem is a yellow screen of death, with the error:
Login failed for user 'MyDomain\UserThatRunsAppPool'.
Things I tried doing to fix The Problem:
Configuring authentication to enable only Windows Authentication
and ASP.NET Impersonation
Setting Windows Authentication Provider to Negotiate:Kerberos
(After disabling Kernel-mode authentication)
Making sure that UserThatRunsAppPool's delegation is set to:
'Trust the user for delegation to any service (Kerberos only)' in Active Directory
Moving the NHibernate SessionFactory creation from Application_BeginRequest()
to Session_Start()
How successful I've been with my attempts to fix The Problem:
Not at all.
EDIT:
I also tried setting IIS server's delegation to 'Trust the user for delegation to any service (Kerberos only)' (in Active Directory).
In short, this is a typical double-hop situation,
where I need to pass client's credentials to IIS, and from IIS to SQL Server.
You've hit upon the "delegation" problem. If you want to remain sane, change your connection string to use a SQL username + password instead of SSPI.
If you feel like two weeks of frustrated debugging and quarreling with your domain admins, read Fun with the Kerberos Delegation Web Site.
I have a question about how to configure my web site and IIS using Active Directory.
I have a web app which will be running exclusively on our company's internal network. The SQL Database that the app needs to connect to (via active directory) can only be accessed by one specific AD user DBAccess but I am using Windows Authentication mode to validate my users. I would put the identity impersonate right into my Web.Config but the DB user does not have rights on the web server computer.
How would I configure IIS to use the DB Access user for connecting to the SQL Server and not for running locally on the web server?
Thanks in advance and sorry if this is a bit basic.
Set the application pool your application is using to run as the user you wish to connect to the DB as.
Add Integrated Security=true; to your connection string.
I am accessing my server through remote desktop connection and have configured a webservice in IIS. I am able to see the methods but when I click on the button to "Invoke" I get the following error:
System.Data.SqlClient.SqlException: Login failed for user 'SOLDev\Server02$'.
at ShareWare.Web.Service.WebAPI.Reservation.GetInfo()
Why is it taking the machine name as the user?
My windows authentication user is User1Dev.
Also my directory security in IIS is setup as follows:
Option "Enable anonymous access" -- it's disabled
Option "Integrated Windows Authentication" -- checked off
I am using .NET framework 2.0
Your web service connects to the SQL using Windows authentication as the principal running the service. In this case it appears to be BUILTIN\System or BUILTIN\Network Service, both of which authenticate in the domain as the machine account, ie. 'SOLDEV\Server02$' which corresponds to a machine named Server02 in the domain SOLDEV.
If you wish to authenticate on the SQL Server with your own login, then the IIS must flow the authentication information, in a process called Constrained Delegation. See Configuring Constrained Delegation for Kerberos (IIS 6.0). or How To: Use Protocol Transition and Constrained Delegation in ASP.NET 2.0.
If you want the web service to authenticate to SQL Server as itself, then you must grant login permission to the web service principal on SQL: CREATE LOGIN [SOLDEV\Server02$] FROM WINDOWS.
It's because the web service is running as the Network Service id, not as the logged in user. You probably also need to have <identity impersonate="true" /> in your web config if you are planning to use the user's credentials to connect to SQL Server.