ASP.NET Membership Admin without Visual Studio
I found this somewhere out on the web – my apologies to the original author as I didn’t record it’s origin.
Using the default ASP.NET 2.0 Membership (AspNetSqlMembershipProvider) you can modify config settings and add/remove users from the Visual Studio IDE if you are running it locally or FrontPage Server Extensions are installed and you are connected remotely to the site.
If you want to use the ASP.NetWebAdminFiles web interface without Visual Studio, as I recently did, then here is what you do.
FYI: Only do this if you are careful and for the right purposes, since you are exposing some administration capability.
1. Create a virtual directory that points to the web admin files.
This is what I did:
VirtualDirectory: ASP.NetWebAdminFiles
MappedTo: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles
2. Modify the properties of the virtual directory so that it is running under ASP.NET 2.0. (Properties > ASP.NET)
NOTE: if you are running 1.1 and 2.0 applications on the same server or site, you may have to set up a separate application pool for the 2.0 sites. If you get the notice, "Application Unavailable" then that is why.
3. While you are there, remove anonymous access to that virtual directory.
4. After that, you will be able to connect to the web admin tools using the following url syntax
https://localhost/ASP.NETWebAdminFiles/default.aspx?applicationPhysicalPath=XXX&applicationUrl=/YYY
in my case, it is:
https://localhost/ASP.NETWebAdminFiles/default.aspx?applicationPhysicalPath=C:\inetpub\wwwroot\myapp\&applicationUrl=/myapp
NOTE: Although it isn't recommended, if you want to access web admin tool from a different/remote computer, then open the WebAdminPage.cs file from the C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\App_Code directory and comment the following code block:
if (!application.Context.Request.IsLocal)
{
SecurityException securityException = new SecurityException((string)HttpContext.GetGlobalResourceObject(
"GlobalResources", "WebAdmin_ConfigurationIsLocalOnly"));
WebAdminPage.SetCurrentException(application.Context, securityException);
application.Server.Transfer("~/error.aspx");
}
The web admin tool will still be protected to some degree by the Integrated Windows Authentication.
NOTE: If while trying to update user information you get the following error:
Failed to update database "C:\inetpub\wwwroot\myapp\App_Data\ASPNETDB.MDF" because the database is read-only.
Then the NETWORK_SERVICE account does not have read/write access to the MDF file that is being used to store the user information.