Security :: How To Delete User Accounts Using Database
Jul 7, 2010
I am using the create user wizard to create users that are then placed in the ASPNETDB database. Is there a way to delete users in the same fashion? I am using Visual Studio 2008 VB.NET.
I am trying to remove a user account (I am using the default authentication system), but I can't find a class/method which does this. Is there a way to do this?
I'm trying to allow logged user who are in department XYZ to perform some task for my third party App. I have two SQL tables named Users & UserList. The third party app (GoldMine) graps the USERNAME from the Users table and store it as UserID which I then referecnce SessionID. The UserList table has two columns (GM_UserName & Department) which I'm interested in. When a user login into the 3rd party app (GoldMine), i then compare the USERNAME (from Users table) to GM_UserName (from UserList table) and see whether GM_UserName is in = 'Dept XYZ'. Take a look at the SQL query below.
sqlDept = "SELECT USERNAME FROM Users LEFT JOIN UserList ON UserList.GM_UserName=Users.UserName WHERE UserList.Department ='Dept XYZ'"
I'm able to do this.
If Session("Userid") = "TestUser1" Or Session("UserID") = "TestUser2" Then Do this Else Do that End If BUT unable to do this... If user's Department = 'Department XYZ' Then Do This Else Do that End IF
In my Aspnet_Users table I have 2 user with same UserName. Membership.DeleteUser method only can delete user by username. How can I delete user by userid?
If a user who is logged in wants to delete his own account, why does login status still show him loggedIn even when user has been actually deleted.What I want is when user deletes his account he should get logged out also at the same time ....How do i log him out ?
[Code]....
Line 25: Call deleteSelectedUser()Line 26: Line 27: If User.Identity.Name = LstBoxUserList.SelectedItem.Text ThenLine 28: FormsAuthentication.SignOut()Line 29: Call deleteSelectedUser()
a user loged in and he wants to delete his user. how do i make a delete query that refers to his userID how do i get the user id of the current logedin user?
actullay my requirement is i need send messages to facebook user accounts using my web application(Asp.net,C#.Net).i have Users's facebook id and there there facebook Keys.
I am using forms authentication to protect a website and would like to set it so when someone uses the registration form that the account created is disabled and an email is sent to me notifying me of the new signup. Then I can go and enable the account.
I am very new to this but have gotten the basic registration form and login form working with my SQL 2008 Server but this is a bit above me and I have looked through the MSDN info on the CreateUserWizard and don't see options for this.
I had created a Membership ASP.NET 3.5 website and selected the Forms authentication. Therefore, I created several users with related information into the ASPNETDB database. Yesterday, I changed the website security to Windows authentication.
This morning, when reviewing the ASPNETDB data for another website, I still can see those Membership Forms users and their ApplicationIDs in the aspnet_Users and aspnet_membership tables. How can I delete those Forms users?
Another question: In aspnet_Applications table, I can see the ApplicationName (e.g. /WebPartsDemo) for the Web Parts websites. I have 2 ApplicationIDs in the aspnet_Membership table. I can not see only one ApplicationID in the aspnet_Applications table, but with an empty ApplicationName, i.e. / only.
Do I miss something when creating the Membership website? What is the ApplicationName for the Membership website?
I am currently playing with DotNetOpenAuth to make an ASP.NET (C#) website use OpenID instead of the normal login-password routine for user and session handling. Up till now, I have added the DotNetOpenAuth.dll into my project and tried a test login page with the following: <rp:OpenIdLogin ID="OpenIdLogin1" runat="server" />
When I run the page, I enter a valid myopenid url and the website redirects to the myopenid page, where I enter my password, and upon success, it returns back to my default.aspx, due to the following in my web.config:
Now that the user is "logged in", how can handle my session? At the moment, I don't know how I can, for example, check if the session is still alive or how to terminate the session. My basic question is, how can I manage the session once the user is authenticated with OpenID ?
[Update]
I am now using the following to check for authentication: HttpContext.Current.User, and with that I can now check if a user is authenticated with a session. Now is there a possible way on how I can "link" user details that are stored in my database with an openid account?
I have a Google Document in the following path.[URL] Once i click on the link i am directed to a page where google asks for the username/password of the above document.I had created a test username/password in gmail.which i can send to you all usgbctester@gmail.com and the password being usgbcpassword. I hav a button click event wherein i need to open the above link bypassing google asking for username and password.I should be able to hardcode the username and password in the button click event.
I use the default ASP.NET Profile Provider which lets me define user properties in web.config.
I now no longer want to use one of these user properties. I want to delete all traces of it.
I can remove the property from the list of properties in web.config however, I suspect, the stored values for this property will still be held in the aspnet_Profile table for each user.
Is there an easy way to clean out all traces of the data for a property that's no longer used from the aspnet_Profile table?
I am using ASP.NET 3.5 and SQL SERVER 2008. And I have a very simple code within my ASP.NET page :
Quote:
[code]....
The connection string specifies a local Sql Server Express instance using a database location within the applications App_Data directory. The provider attempted to automatically create the application services database because the provider determined that the database does not exist. The following configuration requirements are necessary to successfully check for existence of the application services database and automatically create the application services database:
If the applications App_Data directory does not already exist, the web server account must have read and write access to the applications directory. This is necessary because the web server account will automatically create the App_Data directory if it does not already exist.
If the applications App_Data directory already exists, the web server account only requires read and write access to the applications App_Data directory. This is necessary because the web server account will attempt to verify that the Sql Server Express database already exists within the applications App_Data directory. Revoking read access on the App_Data directory from the web server account will prevent the provider from correctly determining if the Sql Server Express database already exists. This will cause an error when the provider attempts to create a duplicate of an already existing database. Write access is required because the web server accounts credentials are used when creating the new database. Sql Server Express must be installed on the machine.
The process identity for the web server account must have a local user profile. See the readme document for details on how to create a local user profile for both machine and domain accounts.
I tried googling this and have had no luck. I would like to implement membership roles without any reference to email accounts or smtp. Does anyone have information on this topic?
I am using the SQLMembershipProvider for authenicating users for my web site. I would like to change the default message that is displayed when a user signs in but who's account is disabled. By default, it shows:
Your account has not yet been approved. You cannot login until an administrator has approved your account.
Is there a property for the Login control that allows me to change this message programmatically.
Our application lets the administrator create new users. Since the administrator is logged in, I have set Logincreateduser = false so that the administrator is not logged out even after creating the new user.
The problem is :I need the userid of the newly created user to store additional details of the user in another database table. I see that i can get the username using Createuserwizard1.username; but how do I get the userID?
i have using aspnet DataBase, and i know that i can Check if the User is OnLine or not By Using Membership.GetUser.isOnLine; this is when invoke method in asp.net Page , But i want to Know if there is another way to Check If the User OnLine or Notfrom aspnet dataBase
We are buling a hosted ecommerce shopping cart solution and I would like to use asp.net's built-in membership provider. We dont really want to have a seperate database for each domain, we want to share the same database across mupltiple domains for different customers. Each domain is a seperate store.
My problem is that since it's a shared hosted solution people coming from different domains might use the same user name and it would show as if already existed. Is there an addional field I can use to store the domain name so basicly would be unique by username and domain name. We don't want to share information between stores.
I have a problem with SqlMembershipProvider. I have already created database aspnetdb. I need to add new user to database however one error occured. This is my web.config file: