SQL ‐ Script to add IIS APP Pool user in SQL Server Database



IIS is Internet Information Services in which one could host OpenRose API and OpenRose WebUI projects.

OpenRose API connect to the SQL Server database mainly for CRUD (Create, Read, Update and Delete) operations. For this purpose, IIS user has to be authenticated in SQL Server. To be able to do that, Microsoft provides support for adding IIS App Pool user into SQL Server Database as Windows Identity.

Following script is designed to help users to create IIS App Pool account to be added first into SQL Server and then as database owner for OpenRose database. This way, It's possible to use this user to establish communication between OpenRose API and SQL Server OpenRose Database.

NOTE : We have tested below scripts in our test environment and it's provided on an "As Is" basis. OpenRose team does not guarantee it's workings and outcomes. Person running script script in SQL Server has to have sysadmin and dbowner role for SQL Server and the Database respectively


>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 

-- SCRIPT TO ADD IIS APP POOL USER TO SQL SERVER AND DATABASE


-- SQL Server Script Parameters

DECLARE @AppPoolName NVARCHAR(255) = 'IIS APPPOOL\IGNOREME'

DECLARE @DatabaseName NVARCHAR(255) = 'OpenRoseDB'


DECLARE @ErrorMessage NVARCHAR(4000)

-- Lets try and create use in SQL Server itself

BEGIN TRY

    IF NOT EXISTS (SELECT 1 FROM sys.server_principals WHERE name = @AppPoolName)

    BEGIN

        EXEC sp_grantlogin @AppPoolName

        PRINT 'Login created.'

    END

    ELSE

    BEGIN

        PRINT 'Login already exists.'

    END

END TRY

BEGIN CATCH

    SET @ErrorMessage = ERROR_MESSAGE()

    PRINT 'Error creating login: ' + @ErrorMessage

END CATCH


-- Lets try and create use in SQL Server Database

DECLARE @SQL NVARCHAR(MAX)

SET @SQL = '

USE [' + @DatabaseName + '];

BEGIN TRY

    IF NOT EXISTS (SELECT 1 FROM sys.database_principals WHERE name = ''' + @AppPoolName + ''')

    BEGIN

        CREATE USER [' + @AppPoolName + '] FOR LOGIN [' + @AppPoolName + '];

        PRINT ''User created in the database.'';

    END

    ELSE

    BEGIN

        PRINT ''User already exists in the database.'';

    END;

    ALTER ROLE [db_owner] ADD MEMBER [' + @AppPoolName + '];

    PRINT ''User added to db_owner role.'';

END TRY

BEGIN CATCH

    PRINT ''Error in the database operation: '' + ERROR_MESSAGE();

END CATCH;'


EXEC sp_executesql @SQL


<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< 


Following script was designed to remove IIS App Pool account from the database and then from the server itself.

DANGER : This script will remove IIS APP Pool from the database as well as from SQL Server itself.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 


-- SCRIPT TO DELETE IIS APP POOL USER FROM SQL SERVER 

-- Parameters

DECLARE @AppPoolName NVARCHAR(255) = 'IIS APPPOOL\IGNOREME'

DECLARE @DatabaseName NVARCHAR(255) = 'OpenRoseDB'


DECLARE @ErrorMessage NVARCHAR(4000)

-- Lets try and remove use in SQL Server Database

DECLARE @SQL NVARCHAR(MAX)

SET @SQL = '

USE [' + @DatabaseName + '];

BEGIN TRY

    IF EXISTS (SELECT 1 FROM sys.database_principals WHERE name = ''' + @AppPoolName + ''')

    BEGIN

        DROP USER [' + @AppPoolName + '];

        PRINT ''User dropped from the database.'';

    END

    ELSE

    BEGIN

        PRINT ''User does not exist in the database.'';

    END

END TRY

BEGIN CATCH

    PRINT ''Error in the database operation: '' + ERROR_MESSAGE();

END CATCH;'

EXEC sp_executesql @SQL

-- Lets try and remove use in SQL Server itself

BEGIN TRY

    IF EXISTS (SELECT 1 FROM sys.server_principals WHERE name = @AppPoolName)

    BEGIN

        EXEC('DROP LOGIN [' + @AppPoolName + ']');

        PRINT 'Login dropped.';

    END

    ELSE

    BEGIN

        PRINT 'Login does not exist.';

    END

END TRY

BEGIN CATCH

    SET @ErrorMessage = ERROR_MESSAGE()

    PRINT 'Error dropping login: ' + @ErrorMessage

END CATCH

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< 

Comments

Post a Comment

Popular posts from this blog

Introduction to OpenRose - Requirements Management

Image
Watch it on YouTube at : https://www.youtube.com/watch?v=P0x3ZaHg8sA OpenRose - Requirements Management Application VIDEO TRANSCRIPT Hello, and thanks for joining in for the launch of OpenRose, an open-source requirements management application. The main purpose is to help users and teams "do it right" and ultimately reduce waste. OpenRose is released on GitHub at [github.com/OpenRose](https://github.com/OpenRose). Users can look at the source code and documentation at the same location. Let me do a quick demo of the application. In this environment, I'm using Windows 11 on a desktop computer, not a server. I have installed IIS and deployed a web deployment package over IIS. When you connect to OpenRose, on the homepage, you will see a welcome message like this: "Welcome to OpenRose." One would start by creating a new project. For this demo, I've created two separate projects. The first project is a small example of how I converted a document published b...
Read more

What is Requirement?

Image
What is Requirement? OpenRose - Requirements Management An Open Source and FREE Requirements Management Application / Tool Direct Link to YouTube Video : https://www.youtube.com/watch?v=3qQzKbfvRPA Video Transcript :   Hi, welcome to OpenRose, an open-source and free requirements management application. Please visit https://github.com/openrose for more information. Let's go to the project dashboard, and this time, let's open a deep hierarchical level project. This is just a demo project, so when I open that project in the TreeView and start expanding the project, I can see some sample item types along with a Parking Lot, which is the system item type. Inside item type one, I have a top-level item, then item one and item two, which are broken down into further items. You can see I've given the names which indicate a kind of logical hierarchical structure in the name. Here, you can see L1, L2, L3, L4—that's the level. The project is considered as level one, and item ...
Read more

Details View - OpenRose - Requirements Management

Image
    Details View OpenRose - Requirements Management An Open Source and FREE Requirements Management Application / Tool Direct Link to YouTube Video : https://www.youtube.com/watch?v=FC67o7lUy3I Video Transcript : Hello. OpenRose is a requirements management application, which is freely available and published on GitHub. Simply go to github.com/openrose to find more. Today, we will discuss the Details View. When you go into the Projects section where you can see your list of projects, there are two main views: the Tree View and the Details View. When I click on Details View, I enter the project one level at a time, or I exit the project one level at a time. Inside the project, we know that there are item types. In this particular view, we can see that I have a parking lot, which is a system item type, and four other item types that I have created. This is a public document published by Barkley's Bank, which I have tried converting into some sort of specification or requirem...
Read more