ASP.NET web application cloud authentication sql dependency - webforms

I have created a project in visual studio using the ASP.NET web application (.NET Framwork) VB.
If i run it from within VS it asks for my MS credentials and registers the app in Azure. It then gives me the home page showing as me logged in.
I then deploy this app to IIS on a VM server in Azure. i create a self signed certifcate in IIS and create a https binding using the certificate and port
when i browse to the site it goes through all the login procedure as expected, then i get an error "A network-related or instance-specific error occurred while establishing a connection to SQL Server"
What SQL server??
if i go into connected services in VS under connected services it shows 'SQL Server dependency is detected' and i have to configure it. what is this?
Thanks
Gareth

Related

Can't access Azure SQL database with Visual Studio but can with SSMS

I'm trying to connect to an SQL database hosted on Azure from a function app I'm building in Visual Studio but I'm getting the following error:
A network-related or instance-specific error occurred while
establishing a connection to SQL Server. The server was not found or
was not accessible. Verify that the instance name is correct and that
SQL Server is configured to allow remote connections. (provider: TCP
Provider, error: 0 - An attempt was made to access a socket in a way
forbidden by its access permissions.)
I can connect from the same PC using SSMS without a problem. I've tried connecting to the database using data connections in server explorer in VS but I'm getting the same error. If I connect to Azure with my account in server explorer it shows me a selection of services including SQL databases but there are none listed underneath although my account does have access to the database.
Are there any hidden gotchas I'm missing or settings within VS? I've also tried adding my client IP in the firewall settings but that didn't make a difference either.
After doing some more testing it turned out to be the client firewall that was blocking VS and VS Code from connecting to Azure SQL. It seems there was already an exception for SSMS.
The error message states "Verify that the instance name is correct"
It could be that the SSMS is automatically creating a fully qualified name once you say that it is an azure database.
If you use the short name from Visual Studio, then you cannot connect to the SQL server.
For example "myserver.database.windows.net" versus "myserver".

Visual Studio 2017 Web publishing fails if user is non-admin while the same user can be used for VS2015 web publishing on the same web server

I am trying to publish a ASP.NET Core Web project to IIS (remote server) using a non-admin account using Visual Studio 2017 and I have the following error on deploy:
Starting Web deployment task from source:
manifest(D:\Projects\Own\AspNetCore\CoreWithAngularTrial\CoreWithAngularTrialApi\obj\Debug\netcoreapp1.1\PubTmp\CoreWithAngularTrialApi.SourceManifest.xml)
to Destination: auto(). C:\Program Files (x86)\Microsoft Visual
Studio\2017\Community\MSBuild\Sdks\Microsoft.NET.Sdk.Publish\build\netstandard1.0\PublishTargets\Microsoft.NET.Sdk.Publish.MSDeploy.targets(134,5):
Error : Web deployment task failed. (Connected to the remote computer
("...") using the Web Management Service, but could
not authorize. Make sure that you are using the correct user name and
password, that the site you are connecting to exists, and that the
credentials represent a user who has permissions to access the site.
Learn more at:
http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_USER_UNAUTHORIZED.)
Make sure the site name, user name, and password are correct. If the
issue is not resolved, please contact your local or server
administrator. Error details: Connected to the remote computer
("...") using the Web Management Service, but could
not authorize. Make sure that you are using the correct user name and
password, that the site you are connecting to exists, and that the
credentials represent a user who has permissions to access the site.
Learn more at:
http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_USER_UNAUTHORIZED.
The remote server returned an error: (401) Unauthorized. Publish
failed to deploy.
I have the following configuration for deployment:
Publish method = Web deploy
Server = servername:8172/msdeploy.axd
Site name = Default Web Site/CoreWithAngularTestApi
User name = username
Password = ******
The exact same configuration works when publishing a different application (ASP.NET MVC 5) under the same Web site (Default Web Site), so publishing configuration appears to be correct on the remote server.
Making username a local administrator unblocks the publishing process in Visual Studio 2017.
Also, publishing configuration files (*.pubxml) are virtually identical.
Event viewer on remote server catches the following error:
IISWMSVC_AUTHORIZATION_SERVER_NOT_ALLOWED
Only Windows Administrators are allowed to connect using a server
connection. Other users should use the 'Connect To Site or
Application' task to be able to connect.
Process:WMSvc User=username
Question: How can I enabled non-administration web publishing from Visual Studio 2017?
This issue has been fixed: https://github.com/aspnet/websdk/issues/146.
ASP.NET core project uses a different set of Publish targets (hence the change in behavior from MVC5). This project is available on GitHub - https://github.com/aspnet/websdk.
I managed to figure out why the publish fails with non-admin user. Server setup is correct, but Visual Studio publishing seems to treat ASP.NET Core Web app deployment differently from ASP.NET MVC 5 one.
I had to explicitly specify web site name within the publishing profile xml file. So, instead of:
<MSDeployServiceURL>servername:8172/msdeploy.axd</MSDeployServiceURL>
I put
<MSDeployServiceURL>servername:8172/msdeploy.axd?Site=Default Web Site</MSDeployServiceURL>
NOTE: This problem does not occur when publishing an MVC 5 project within VS2017.

Visual studio debug access to external database

I have a question as to how the Visual Studio 2013 debug emulator for Web API works.
I had built a Web API project in Visual Studio 2013 to access a database on an external server. The code was built using VS2013's ASP.NET Web Application project template for a Web API application. Once built, running debug opened a browser window for localhost port 56618, which allowed access from Fiddler to test Http requests.
Once I had the project finished, I published it to a website using Web Deploy to IIS. However, whilst the page would open (now at localhost:9812), an http request would throw an Internal Server Error 500.
Perusing the IIS FailedReqLogFiles, I noticed that the reason that it was failing was that the database server was refusing access to '<Domain>\<machine-name>$'.
I added '<Domain>\<machine-name>$' as a valid login (windows authentication, as the connection string included "Integrated Security=true") on the sql instance with read and write privileges, and the problem was resolved.
The question is, why didn't the Visual Studio debug emulator have the same issue?
Because the emulator was running the website under the context of your own account (e.g. <Domain>\You). Your account had access to the database, so there was no issue.
When you published it to IIS, it started running under the context of a different account (<Domain>\Machine-Name - but there are other variants depending on how IIS is configured, and the version of IIS), which didn't have access to your database.

ASP.NET MVC3 webdeploy: database deployment on production

I am using webdeploy to deploy my web application to IIS. I followed Microsoft's 12 part tutorial for this. I successfully deployed it on my local IIS.
I have to now deploy this to production and I am following the same steps. I am connected to the remote machine via VP. Form VS2010 publish profile the connection to the server was successful. But when I enter the DB connection string as
"Data Source=xxxx\SQLExpress;Initial Catalog=SWSS;Integrated Security=True"
and try to preview the Database, I get the following error:
Web deployment task failed. ((4/1/2013 9:18:42 PM) An error occurred when the request was processed on the remote computer.)
(4/1/2013 9:18:42 PM) An error occurred when the request was processed on the remote computer.
Exception has been thrown by the target of an invocation.
Member 'ClassName' was not found.
The remote machine does not have TCP/IP enabled.
1. Is it safe to enable this in production machine?
2. If not, how to deploy DB, taking advantage of the dbdacfx?
Update 1:
Based on the comments below, I have changed my connection string as follows:
"Data Source=SWSS\SQLExpress;Initial Catalog=SWSS;User Id=xxxx;Password=xxxx;"
I created a sysadmin user in SQL server with SQL authentication rather than Windows authentication. Now the error is as follows:
Web deployment task failed. (Could not generate deployment script.
Unable to connect to target server.
Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_EXECUTING_METHOD.)
Update 2:
Using mixed mode authentication on SQL Server fixed my issue.

TFS 2010: Service Unavailable 503

I've been trying to solve this problem for about a week now. I posted this question on Microsoft website and only received one reply, which did not solve my issue. The following is a combination of my posts on Microsoft website.
I installed and configured TFS 2010 on Window 7 PC 64-bit. When I navigate to http://localhost:8080/tfs in my browser, I get
Service Unavailable – HTTP Error 503. The service is unavailable.
Any help to solve this problem would be greatly appreciated.
Based on previous reading, I have done much work to figure this out. Following are the steps I have gone through to solve this issues. The list is fairly long, but I want to make sure all the information that may be pertinent to solving this problem is available.
I have uninstalled and reinstalled TFS many times
The application pool "Microsoft Team Foundation Server Application Pool" is running
The application pool "Microsoft Team Foundation Server Web Access Application Pool" is running
Other website in IIS that point to the "ASP.NET v4.0" app pool seem to run fine.
If I point my other sites to "Microsoft Team Foundation Server Application Pool" they
seems to run fine
The Windows user "TFS" is in the following rolls: Administrator, IIS_IUSRS, - TFS_APPTIER_SERVICE_WPG, Users
I'm able to run SQL Server Management Studio (SSMS) as the user "TFS" and access the databases "Tfs_Configuration" and "Tfs_DefaultCollection"
I have confirm the account for "TFS" is not disabled or expired
For IIS application "Team Foundation Server", I Configured "Failed Request Tracing Rules" to log status codes 401.3-999
After IIS Reset and browser refresh, no files in the "FailedReqLogFiles" directory
No log information in IIS Logs
In Team Foundation Server Administration Console, I can change account info(Update Password, Change Account, Reapply Account).
In Team Foundation Server Administration Console, when I try to changing Group Membership or Administer Security I get the error "Team Foundation services are not available from server http://localhost:8080/tfs. Technical information (for administrator): HTTP code 503: Service Unavailable"
In Event Viewer, I do not see anything that may be of value
In Sql Server Configuration Manager, confirmed "SQL Native Client 10.0 Configuration - (32bit)", "SQL Server Network Configuration", and "SQL Native Client 10 Configuration" all have the following protocols enabled (Shared Memory, TCP/IP, and Named Pipes"
In IE confirmed that that Proxy server is not enable.
I installed Team Foundation Server 2010 Power Tools. The following are the Critical Issues returned by the tool
Accessing "AuthorizationService" Web service at "/DefaultCollection/Services/v3.0/AuthorizationService3.asmx" failed. Error message: "The remote server returned an error: (503) Server Unavailable.".
Accessing "BuildService" Web service at "/DefaultCollection/Build/v3.0/BuildService.asmx" failed. Error message: "The remote server returned an error: (503) Server Unavailable.".
The Web service call "CommonStructureService.ListAllProjects" at "/Services/v1.0/CommonStructureService.asmx" failed. Error message: "The remote server returned an error: (503) Server Unavailable."
Accessing "GroupSecurityService" Web service at "/DefaultCollection/Services/v1.0/GroupSecurityService.asmx" failed. Error message: "The remote server returned an error: (503) Server Unavailable.".
Accessing "IdentityManagementService" Web service at "/DefaultCollection/Services/v3.0/IdentityManagementService.asmx" failed. Error message: "The remote server returned an error: (503) Server Unavailable.".
The Web service call "Integration Services ProcessTemplate.GetTemplateName" at http://MyServer:8080/tfs/DefaultCollection/Services/v1.0/ProcessTemplate.asmx failed. Error message: "The remote server returned an error: (503) Server Unavailable.".
Accessing "LabService" Web service at "/DefaultCollection/Lab/v3.0/LabService.asmx" failed. Error message: "The remote server returned an error: (503) Server Unavailable.".
The Web service call "ProcessTemplate.TemplateHeaders" at "/Services/v1.0/ProcessTemplate.asmx" failed. Error message: "The remote server returned an error: (503) Server Unavailable."
Accessing "Repository" Web service at "/DefaultCollection/VersionControl/v1.0/repository.asmx" failed. Error message: "The remote server returned an error: (503) Server Unavailable.".
Accessing "SecurityService" Web service at "/DefaultCollection/Services/v3.0/SecurityService.asmx" failed. Error message: "The remote server returned an error: (503) Server Unavailable.".
The Web service call "TeamProjectCollection.GetDefaultCollectionId" at http://MyServer:8080/tfs/TeamFoundation/Administration/v3.0/TeamProjectCollectionService.asmx failed. Error message: "The remote server returned an error: (503) Server Unavailable.".
The Web service call "VersionControl.Administration.QueryRepositoryInformation" at http://MyServer:8080/tfs/DefaultCollection/VersionControl/v1.0/administration.asmx failed. Error message: "The remote server returned an error: (503) Server Unavailable.".
The Web service call "VersionControl.Administration.QueryRepositoryInformation" at http://MyServer:8080/tfs/DefaultCollection/VersionControl/v1.0/administration.asmx failed. Error message: "The remote server returned an error: (503) Server Unavailable.".
The Web service call "ConfigurationSettings.ServiceGetWorkitemTrackingVersion" at http://MyServer:8080/tfs/DefaultCollection/WorkItemTracking/v1.0/ConfigurationSettingsService.asmx failed. Error message: "The remote server returned an error: (503) Server Unavailable.".
The follow are additional issues that were not critical:
SharePoint Products is not installed or integrated with Team Foundation Server.
Team Foundation Server is not configured to use the data warehouse.
Team Foundation Server is not configured to use Report Manager.
Results for rules that require access to Team Foundation Build cannot be included in the report.
Cannot validate the configuration of Visual Studio Lab Management. Results for rules that check the health of Visual Studio Lab Management will not be included in the report.
Paged pool memory on MyServer is over the warning threshold of 180 MB. This may not be a problem if a backup is currently in progress. Current value: 490 MB.
The follow are Information Items:
Computer: MyServer. Manufacturer: System manufacturer. Model: System Product Name.
The application tier connected to Team Foundation Server at 12/2/2010 9:09:49 PM.
The connection string in config file c:\Program Files\Microsoft Team Foundation Server 2010\Application Tier\Web ervices\Web.config on MyServer is: Data Source=MyServer;Initial Catalog=Tfs_Configuration;Integrated Security=True;.
The connection string stored in the Team Foundation Server registry is: Data Source=MyServer;Initial atalog=Tfs_Configuration;Integrated Security=True.
Logical disk C: on MyServer is 500 GB in size.
No Sharepoint Site is configured for this Team Project Collection "DefaultCollection".
No Sharepoint Site is configured for this Team Project Collection "DefaultCollection".
The MyServer is running the 64-bit version of Windows.
The SQL Server (MSSQLSERVER) service on MyServer is configured to run as user NT AUTHORITY\NETWORK SERVICE.
The account Identity for the Team Foundation Server application pool on MyServer is MyServer\TFS. This is the same as the Team Foundation Server service account.
The Team Foundation Server Product Version is 10.0.30319.317
The Team Foundation Server Service Level is Tfs2010.RTM.KB2135068.P#3.
The MyServer has 1 processor(s) installed.
The MyServer has 6134 MB of memory installed.
Volume C:\ on MyServer is a mount point.
I started up a Virtual Machine with Windows 7. Installed and configured TFS. Everything seems to work fine on the Virtual Machine. With an environment working, I started to compare differences between the two.
Here are some of the differences I found between the two environments:
My primary computer is 64-bit and the Virtual Machine is 32-bit.
On my primary computer, IIS "Team Foundation Server Website" has a "aspnet_client" directory. On the virtual machine, this directory does not exist
On my primary computer, in IIS Manager for "Team Foundation Server" the section ASP.NET are the same on both my primary computer and virtual machine.
On my primary computer, IIS Manager IIS Section has these additional feature that the virtual machine does not include (ASP, Authorization Rules, CGI, IP Address and Domains, and WebDav Authorization)
On my primary computer, IIS Application Pool setting has a property call "Enabled 32-Bit Application". This was set to false and I changed it to true. Understandably this feature is not available on the virtual machine.
Thanks.
My application pool had been stopped as well and when I looked into why or how, I discovered that it was running under a domain account of one of our admins who initially installed TFS (months ago).
B/C of a corporate domain policy, he was forced to recently enter a new password for his account. Then after business hours last night, an update was applied to the IIS server on which TFS runs, and the update required a reboot. B/C the password of the identity under which the app pool runs had changed, IIS could not restart the pool, as the identity was still set to the original domain account and password.
Once I had the admin enter his new password with the app pool's identity, the pool would restart. However, b/c corporate enforces password expiration like every 90 days, I ultimately changed the identity to local system account in order to avoid this problem in the future (choosing local system may not be the best choice).
Start -> Administrative Tools -> IIS
{Server name} -> Application Pools
Right Click on Microsoft Team Foundation Server Application Pool -> Advanced Settings
Identity -> Choose Custom Account -> Click Set -> Enter the username and password of the system admin
Stop then Start Microsoft Team Foundation Server Message Queue Application Pool
Stop then Start Microsoft Team Foundation Server Application Pool
I got this error as well. In the application pool there is a TFS App Pool that was stopped. Once this was started again the 503 error stopped occuring
I never got it to work. I created a VM and installed Team Foundation Server (TFS) 2010 and everything seem to work good. To conclude, I'm not sure what was wrong, but if I install it on a fresh server everything works fine
The very first thing you must do is to ensure that the application pool is running.
I just ran into this problem. Our TFS server is not part of a domain. I noticed that the HTTP log file seemed to list IPv6 addresses at times and at other times IPv4.
I turned off IPv6 and we were able to once again connect to TFS.
Uncheck Limit connection on IIS to solve this problem.
Limiting Connections (IIS 6.0)
In my case... (my problems aren't related to how TFS is setup but accessed from a workstation)
I work for a large bank and have a sophisticated firewall/proxy - suffice it to say I have had to play with clicking various options to properly connect to our TFS AND connect to the Internet (to download Visual Studio extensions). I fix my error under the proxy settings in IE under OPTIONS | Connections | LAN Settings...
I've had some 503 errors from TFS myself, if my memory serves correctly (I can't test much as my test server is currently down) I had some issues with the versions of ASP.NET the TFS website was configured to use.
Check that ASP.NET is configured to use version 4.0 in IIS (right click the site > Properties > ASP.NET). Also make sure that no other non TFS sites are in the same application pool as your TFS site (actually a virtual directory in your TFS site) and configured separately (they don't seem to play well together!).
I just checked my team foundation services from application pool through inetmgr and found my services was not running.i started it and now i am able to connect to the server.
After installing several times I got it working with installing SQL Server 2008 R2 (Developer) instead of using SQLExpress.
I encountered the same problem today.
Resolution is start installation distrib of TFS and repair product
(in my way i re-install only tfs 2010 service pack 1).
Go to Application Tier in TFS Administration Console and change account; it may fix the problem
I very recently ran into a similar issue. One of our tools sporadically failed when attempting to contact our TFS resource. Comparing the machines in our TFS VIP, only one machine had IIS errors, namely (truncated): 503 8080 QueueFull Microsoft+Team+Foundation+Server+Application+Pool. A quick comparison of app pool settings showed that the good machine had a queue length of 1000, the bad had only 10. 1000 might be excessive, but 10 was apparently too small. I am yet to verify that changing queue length from 10 to 1000 fixed my issue. Hopefully I remember to complete my post! Hope this helps someone...
If the TFS server name is longer than 15 characters it could be an issue with the netbios name being different than the servername. In our case the AppFabric Service was crashing, and we had to use the following to fix the Cache Host name:
http://www.andrewjbillings.com/long-server-name-causing-app-fabric-service-to-crash/
This resolved the TF24668: The following team project collection is stopped errors that we were getting, along with some TF400732: The request has been canceled. and TF246066: Team Foundation Server is offline. error messages
I have TFS installed on my local machine and TFS is running under custom account.
I solved 503 error by setting the App Pool credentials again (Microsoft Team Foundation Server Application Pool and Microsoft Team Foundation Server Message Queue Application Pool)
Another, pretty special reason could be, that you set "Logon as a batch job" in AD explicitly. If you do not specify this setting it defaults to "Administrators;Backup Operators". If you overwrite it e. g. to allow a custom account to schedule a task you must make to not forget adding the default values. Else exactly this problem 503 Service unavailable and a stopped app pool appears.

Resources