I have a new instance I created a month ago for testing and now I cannot remember the password I used. I would like to save the data. Is there any way to either reset the admin pw back to setup or can I create a new instance and transfer the data?
You can just put a temporary password for user 'admin' in the Users table
You can Check password in Table Users like what Gabriel said or reset password by SQL Script below.
UPDATE Users SET Password = 'setup', LockedOutDate = null WHERE Username = 'admin'
Related
I am having trouble logging in as admin when I switch to production. I get the following error:
BCryptPasswordEncoder - Encoded password does not look like BCrypt
I am guessing I would have to change the admin password directly in the database (table blc_admin_user), to an encrypted one? If so, what would it be?
Also I am hoping to use the same database created in development for production, I hope that is not an issue.
Note that I am using the default admin login (password: admin).
version 5.2.0-SNAPSHOT
Yes, you will need to encrypt the admin password with BCrypt and put that in the BLC_ADMIN_USER table. Here is the update script to do that:
UPDATE BLC_ADMIN_USER SET PASSWORD = '$2a$06$NtRCQoGXWEgBClwBO8b1AeBqIP1elvZNuZqR/57Yjfw4kV/M0vljG' WHERE LOGIN = 'admin';
I need to create a login and user on a geo-replicated database. The user will be granted the role of 'db_datareader' on this database.
The attempted approach has been to use the SID (same identity) parameter, as follows:
-- 1. PRIMARY_DATABASE: Run on master database of Primary Database to create login
CREATE LOGIN [LOGINUSER] WITH password='XYZ'
GO
-- 2. Select details for created SQL login
SELECT [name], [sid]
FROM [sys].[sql_logins]
WHERE [type_desc] = 'SQL_Login'
AND [name] = 'LOGINUSER'
GO
-- 3. SECONDARY_DATABASE: Run on master database of Secondary Database to create login with associated SID
CREATE LOGIN [LOGINUSER]
WITH PASSWORD = 'XYZ',
SID = <SID from Step 2>
GO
While the login creation works fine on both databases, I was allowed access on the PRIMARY_DATABASE, and denied access on the SECONDARY_DATABASE with the following error:
The server principal "LOGINUSER" is not able to access the database "master" under the current security context.
Cannot open user default database. Login failed.
Login failed for user 'LOGINUSER'. (Microsoft SQL Server, Error: 916)
Is this the correct approach for setting up a login in geo-replicated databases?
How do I set up a user on these databases?
You should create logins on the other server too from the SID taken from the primary. Otherwise you can use contained users feature in SQL server / db so that users gets automatically replicated to the read only copy.
It appears you don have local access to master db. Have you tried accessing master via a different login? If not you may want to create a local user in master and connect using it.
You should use contained users instead. These users are contained within the database, are synced along geo replications and do not need an extra login from master table.
Create a contained user with password as db_owner:
USE mydatabase;
CREATE USER myuser WITH PASSWORD = 'secret';
EXEC sp_addrolemember 'db_owner', 'myuser'
more information: https://learn.microsoft.com/en-us/sql/relational-databases/security/contained-database-users-making-your-database-portable?view=sql-server-ver15
I faced the same issue and the following worked for me. I have Azure SQL Server on which the Active geo-replication is enabled.
Ensure that your IP Address is added to the firewall of the existing and the new Server.
On the master database of the Primary server:
Create a login
CREATE LOGIN geo_user WITH PASSWORD = 'secure-password'
Create a corresponding user and assign it to the dbmanager role (you can assign an appropriate role as per your requirement)
CREATE USER geo_user FOR LOGIN geo_user
ALTER ROLE dbmanager ADD MEMBER geo_user
Note the SID of the new login:
SELECT sid FROM sys.sql_logins WHERE name = 'geo_user'
On the source database of the Primary server:
Create user for the same login:
CREATE USER geo_user FOR LOGIN geo_user
Add the user to the db_owner role:
ALTER ROLE db_owner add MEMBER geo_user
On the master of the Secondary server:
Create the same login as on the Primary server (using the same username, password and SID from step-4 ):
CREATE LOGIN geo_user with password = 'secure-password', sid=0x01060000000000640000000000000000A0D03563024DA846ADBCF33D31B6C026
Create a corresponding user and assign it to the dbmanager role:
CREATE USER geo_user FOR LOGIN geo_user
ALTER ROLE dbmanager ADD MEMBER geo_user
Now you should be able to login to the new Server using this user and query the database.
I am trying to setup a local database in a windows 10 computer, and grant access to my local windows-user. But when I try to access the database through my node-application I get the following error-message: error: password authentication failed for user "windowsuser" using the following db-url: postgres://localhost:5432/testdb
I am using the module "pg" to connect to the database, and everything works when I specify a username and password in the URL - but I want to connect using my windows credentials.
I have setup a superuser with the same name as my windowsuser:
CREATE ROLE windowsuser LOGIN
SUPERUSER INHERIT CREATEDB CREATEROLE NOREPLICATION;
And setup a database windowsuser as owner:
CREATE DATABASE testdb
WITH OWNER = windowsuser
ENCODING = 'UTF8'
TABLESPACE = pg_default
LC_COLLATE = ''
LC_CTYPE = ''
CONNECTION LIMIT = -1;
GRANT ALL ON DATABASE testdb TO windowsuser;
The windows user has no password, and I want to be able to just login with the current system user. Am I missing something essential here to get proper access?
I believe you cannot simply authenticate without a password. Have a look at the PostgreSQL doc here:
PostgreSQL: Documentation: 9.4: Authentication Methods
You will need to setup "Trust Authentication" instead of "Password Authentication".
19.3.2. Password Authentication
"PostgreSQL database passwords are separate from operating system user passwords. The password for each database user is stored in the pg_authid system catalog. Passwords can be managed with the SQL commands CREATE USER and ALTER ROLE, e.g., CREATE USER foo WITH PASSWORD 'secret'. If no password has been set up for a user, the stored password is null and password authentication will always fail for that user."
Is there a specific reason why you are opting to use a Windows system account, as well as no password?
I am creating the backend for a system and noticing that the login and create new account requests are virtually identical (I.e. they both contain a username and password) - is there any reason that they should be seperate requests? should the server implement any differences between the requests?
I am seeing something like this:
login:
search for username X,
check that password Y matches saved password,
have user connect
new account:
search for username X,
create username X with password Y,
have user connect
combo:
search for username X,
if X exists, check for password match,
else X does not exist, create X and set password Y,
have user connect
On the client side for a new account they would be asked to enter the password twice (to check for typo's/etc.) and asked to read the TOS/etc. of course
are there any security concerns with doing something like this? how is this normally handled?
I have developped a windows store app with C#,and I want to make my application keeps the login crediantials after the close of the application (like the Groove app after connexion and the close of the App,when I reopen it in an other time I get the application interface without putting login crediantials every time)
any explication in how to do that in universal apps please
thanks for help
Here's the solution to all your problems: https://msdn.microsoft.com/library/windows/apps/br227081
PasswordVault is the perfect place and the secure way to store your user credentials. It use the Windows Credential Manager and it allows you also to roam the credentials across devices, if this is the behavior you want to achieve.
Sample code:
// Create a new credentials set
var passwordCredential = new PasswordCredential("MyAppName", "username", "password");
// Stores the PasswordCredential in the PasswordVault
var passwordVault = new PasswordVault();
passwordVault.Add(passwordCredential);
// To later retrieve the credentials
var credentials = passwordVault.Retrieve("MyAppName", "username");
// To populate the Password property in the PasswordCredential
credentials.RetrievePassword();
it's a very common scenario.
You must use Storage folder to save all the data.
I recommend you save your file in json, serialize and Deserialize the data.
with this approach you can save the credentials of the user and when the user will open the app again you will need to check if there is a previous saved data( the login credentials) if yes you can skip the login page and navigate to the main page
https://msdn.microsoft.com/en-us/windows/uwp/files/quickstart-reading-and-writing-files