Here's some DotLisp methods to extract locked-out details: ; This retrieves the list of users currently locked-out. (def (locked-out) (sql"select username from aspnet_users u join aspnet_membership m on u.userid=m.userid where islockedout<>0" :connect *default-connect-string :returns 'col))
; This unlocks a user. (def (unlock user) (sql(+ "update m set islockedout=0 from aspnet_users u join aspnet_membership m on u.userid=m.userid where islockedout<>0 and username=" (quote-string user)) :connect *default-connect-string :returns 'non-query)) ; This retrieves the password if you're using clear-text password storage. (def (get-password user) (sql(+ "select password from aspnet_users u join aspnet_membership m on u.userid=m.userid where username=" (quote-string user)) :connect *default-connect-string :returns 'val)) You can effectively ignore the DotLisp and see these as SQL queries. -- Regards, *Mark Hurd*, B.Sc.(Ma.)(Hons.) On 11 July 2013 13:23, Katherine Moss <[email protected]> wrote: > Thanks. I’m also checking all of the stored procedures; I think there > is one for at least every action on the site (there are 697 of them). I’ll > go to the forums if I cannot find what I’m looking for, though I know that > this is very easy. And I’m curious, if you don’t use ASP.net membership > built into the framework, then what on earth do you use for membership in > ASP.net applications? **** > > ** ** > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *GregAtGregLowDotCom > *Sent:* Wednesday, July 10, 2013 8:31 PM > > *To:* ozDotNet > *Subject:* RE: Still trying to fix authentication on an ASP.net > application: some accounts work and others don't**** > > ** ** > > Hi Katherine,**** > > ** ** > > I’ll have to let someone else that uses that membership provider answer > that one. I took one look at it when it was released and decided it wasn’t > for me. I felt like I was in a parallel universe. Everyone in the room was > talking about how fast it was to build and I was looking at the methods, > etc. and thinking “didn’t they ever read any of the framework design > guidelines?” **** > > ** ** > > Regards,**** > > ** ** > > Greg**** > > ** ** > > Dr Greg Low**** > > ** ** > > 1300SQLSQL (1300 775 775) office | +61 419201410 mobile│ +61 3 8676 4913fax > **** > > SQL Down Under | Web: www.sqldownunder.com**** > > ** ** > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Katherine Moss > *Sent:* Wednesday, 10 July 2013 11:07 PM > *To:* ozDotNet > *Subject:* RE: Still trying to fix authentication on an ASP.net > application: some accounts work and others don't**** > > ** ** > > That’s the funny thing; when I try and retrieve the passwords for either > of these two accounts, instead of having email directed to the local server > (I don’t have SmarterMail configured yet), I get the “we can’t locate your > account” message from Sueetie, then when I go to retrieve the user name of > the account, I was able to get a temporary email sent to the local server > (only for my account, and not the default administrator account), so > figuring that the temp password expired since it wasn’t working when Forms > authentication had accidentally gotten shut off, I attempted to make > another temporary password via the forgot user name link on the page. It > was then when my account got locked out. Never happened before, and as far > as I can tell, the default administrator account is nonexistent now. But > it is only these two accounts that are causing problems now; everyone elses > works fine. So my solution to this problem is instead of futzing around > trying to figure out why these aren’t working, I could make my friend an > administrator and allow her to delete them and then recreate them. (she’s > an admin anyway.) But my problem is how to query the ASP.net membership > tables in the database in order to ensure that the change gets replicated > from database to site. Correct me if I’m wrong, but this is the > aspnet_roles table I’m looking to access, right? And if so, what is the > statement I would use to make this change? (I’m very weak in Transact-SQL > at the moment, but it’s thanks to cool folks like you guys that I learn). > Looks like flipping forms authentication on and off really shuddered this > thing. Jees. **** > > ** ** > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *GregAtGregLowDotCom > *Sent:* Wednesday, July 10, 2013 12:03 AM > *To:* [email protected] > *Subject:* RE: Still trying to fix authentication on an ASP.net > application: some accounts work and others don't**** > > ** ** > > Hi Katherine,**** > > ** ** > > It’s not saying that the account or the password are wrong. It’s saying > that the account is locked out. Is it set up to automatically unlock > accounts after a period of time? Is there a flag in the database that holds > the authentication details that says whether or not an account is locked?* > *** > > ** ** > > Regards,**** > > ** ** > > Greg**** > > ** ** > > Dr Greg Low**** > > ** ** > > 1300SQLSQL (1300 775 775) office | +61 419201410 mobile│ +61 3 8676 4913fax > **** > > SQL Down Under | Web: www.sqldownunder.com**** > > ** ** > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Katherine Moss > *Sent:* Wednesday, 10 July 2013 1:57 PM > *To:* [email protected] > *Subject:* Still trying to fix authentication on an ASP.net application: > some accounts work and others don't**** > > ** ** > > Hi guys,**** > > This is driving me crazy. I'm trying to fix my web site and the > authentication modules. I have since replaced the web.config file and some > people are able to log into the site. I cannot log in either as the main > administrator with a user name of admin, or as my secondary account, yet my > friend's able to log in just fine. I get the following error message when > trying to retrieve my user name since the site can no longer locate my > account:**** > > Server Error in '/' Application.**** > ------------------------------ > > *The user account has been locked out.* **** > > *Description: *An unhandled exception occurred during the execution of > the current web request. Please review the stack trace for more information > about the error and where it originated in the code. > > *Exception Details: *System.Web.Security.MembershipPasswordException: The > user account has been locked out. > > *Source Error:* **** > > An unhandled exception was generated during the execution of the current > web request. Information regarding the origin and location of the exception > can be identified using the exception stack trace below. **** > > > *Stack Trace:* **** > > ** ** > > [MembershipPasswordException: The user account has been locked out.]**** > > System.Web.Security.SqlMembershipProvider.ResetPassword(String > username, String passwordAnswer) +1840**** > > System.Web.Security.MembershipUser.ResetPassword(String passwordAnswer) > +145**** > > Sueetie.Web.ForgotUsernamePage.AddBody(MailMessage _msg, SueetieUser > _user) +507**** > > Sueetie.Web.ForgotUsernamePage.SendEmail_Click(Object sender, EventArgs > e) +277**** > > System.Web.UI.WebControls.Button.RaisePostBackEvent(String > eventArgument) +154**** > > System.Web.UI.Page.ProcessRequestMain(Boolean > includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3707 > **** > > ** ** > ------------------------------ > > *Version Information:* Microsoft .NET Framework Version:4.0.30319; > ASP.NETVersion:4.0.30319.272 > **** > > I’m trying not to have to recreate the database, after all, how would one > place a fresh database under the application if all of the application’s > data is in there? So, my idea was to raise my friend as an administrator > via the database, but I don’t know how to do that and have the site > replicate the change on the side of ASP.net. and why are these particular > accounts being locked out and not taking email addresses? Thanks. **** >
