ASP.NET Membership Admin without Visual Studio

I found this somewhere out on the web – my apologies to the original author as I didn’t record it’s origin.

Using the default ASP.NET 2.0 Membership (AspNetSqlMembershipProvider) you can modify config settings and add/remove users from the Visual Studio IDE if you are running it locally or FrontPage Server Extensions are installed and you are connected remotely to the site.

If you want to use the ASP.NetWebAdminFiles web interface without Visual Studio, as I recently did, then here is what you do.

FYI: Only do this if you are careful and for the right purposes, since you are exposing some administration capability.

1. Create a virtual directory that points to the web admin files.
This is what I did:

VirtualDirectory: ASP.NetWebAdminFiles
MappedTo: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles

2. Modify the properties of the virtual directory so that it is running under ASP.NET 2.0. (Properties > ASP.NET)

NOTE: if you are running 1.1 and 2.0 applications on the same server or site, you may have to set up a separate application pool for the 2.0 sites. If you get the notice, “Application Unavailable” then that is why.

3. While you are there, remove anonymous access to that virtual directory.

4. After that, you will be able to connect to the web admin tools using the following url syntax


in my case, it is:

NOTE: Although it isn’t recommended, if you want to access web admin tool from a different/remote computer, then open the WebAdminPage.cs file from the C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\App_Code directory and comment the following code block:

if  (!application.Context.Request.IsLocal) 
   SecurityException securityException = new SecurityException((string)HttpContext.GetGlobalResourceObject(
                                                                        “GlobalResources”, “WebAdmin_ConfigurationIsLocalOnly”));

   WebAdminPage.SetCurrentException(application.Context, securityException);

The web admin tool will still be protected to some degree by the Integrated Windows Authentication.

NOTE: If while trying to update user information you get the following error:

Failed to update database “C:\inetpub\wwwroot\myapp\App_Data\ASPNETDB.MDF” because the database is read-only.

Then the NETWORK_SERVICE account does not have read/write access to the MDF file that is being used to store the user information.

Comments (5)

  1. Joe Stagner has written down the details you need to administer ASP.NET Membership database without installing…

  2. Gaurav says:

    I m using site admin tool for sharepoint 3.0 Can you please explain what is the purpose of applicationPhysicalPath & applicationUrl and what it should be in my case.

  3. arafa says:

    COOL TIP………..thanks for this post.

  4. Cedric says:

    Not working for me, I get the following error. Any idea?

    An error was encountered. Please return to the previous page and try again.

    The following message may help in diagnosing the problem: System.ArgumentOutOfRangeException: Specified argument was out of the range of valid values. Parameter name: site at System.Web.Configuration.WebConfigurationHost.InitForConfiguration(String& locationSubPath, String& configPath, String& locationConfigPath, IInternalConfigRoot configRoot, Object[] hostInitConfigurationParams) at System.Configuration.Configuration..ctor(String locationSubPath, Type typeConfigHost, Object[] hostInitConfigurationParams) at System.Configuration.Internal.InternalConfigConfigurationFactory.System.Configuration.Internal.IInternalConfigConfigurationFactory.Create(Type typeConfigHost, Object[] hostInitConfigurationParams) at System.Web.Configuration.WebConfigurationHost.OpenConfiguration(WebLevel webLevel, ConfigurationFileMap fileMap, VirtualPath path, String site, String locationSubPath, String server, String userName, String password, IntPtr tokenHandle) at System.Web.Configuration.WebConfigurationManager.OpenWebConfigurationImpl(WebLevel webLevel, ConfigurationFileMap fileMap, String path, String site, String locationSubPath, String server, String userName, String password, IntPtr userToken) at System.Web.Configuration.WebConfigurationManager.OpenMappedWebConfiguration(WebConfigurationFileMap fileMap, String path) at System.Web.Administration.WebAdminPage.OpenWebConfiguration(String path, String appPhysPath, Boolean getWebConfigForSubDir) at System.Web.Administration.WebAdminPage.OpenWebConfiguration(String path, Boolean getWebConfigForSubDir) at System.Web.Administration.WebAdminPage.VerifyAppValid()