ASP.NET MVC Windows Azure organization authentication - asp.net-mvc

I'm trying to configure the organization authentication in an ASP.NET MVC project in Visual Studio 2013 RC.
After filling the data in the create project dialog, like Microsoft instructed in their tutorials, I'm getting an error which says that the configure failed.
I've tried to do so as well in Visual Studio 2012 using the identity addon.
Maybe it's related to Windows Azure AD?
Here is the error that I'm getting:
Hopes that someone knows how to fix that issue. Thanks for any help and suggestion!

This question is old, but today I found a workaround that I'd like to share.
It seems like we can't use Microsoft Account when we're using WAAD.
So:
Create a WAAD.
Add an administrator
Choose local directory account, not Microsoft Account.
Grant this account Global Administrator permissions.
Open Visual Studio and create a new web based project.
Choose in authentication the "Organization Accounts".
Specify your WAAD URL (e.g. "foo#onmicrosoft.com").
When you're required to insert your user and password, use the local account username and password. for example ("oz#foo.onmicrosoft.com").
This will allow you to pass the error.
Edit:
Microsoft published a post that referred to this problem and show the solution (the one I described above). http://www.cloudidentity.com/blog/2013/12/11/setting-up-an-asp-net-project-with-organizational-authentication-requires-an-organizational-account/

I would check for two things:
The account used to login to Windows Azure while has Global Admin role in AAD
App ID URI specified in the project creation dialog is valid. Valid App ID URI for domain mydomain.onmicrosoft.com has format https://mydomain.onmicrosoft.com/uniqueUri. Note that you can leave this field blank and the tool will automatically pick the correct App ID URI for you.
If these two things don't help, I would encourage you to run DebugView (http://technet.microsoft.com/en-us/sysinternals/bb896647.aspx) in the background while trying to create a similar project and you can see the actual error message in the trace in DebugView.

In follow up to OzB:
Once you've setup the user in AAD as per OzB's account,
note that you must also then go to "Settings" in Azure and add that account as an administrator of the Azure subscription, otherwise you can't upload the website itself.

Related

Azure ASP.NET deploy error

I have a strange issue, when I deploy asp.net mvc app to azure service this error appears:
I have tried to clean my project, create new resource group, new app service plan and nothing helps. In fact, I don't know why this problem appears , I am doing the same actions as I was doing before, when successfully published my apps.
I am deploying my application from visual studio, I was trying to create web app from azure portal but I don't know how to connect my db to this app (I am using entity framework + code first and simple link to my db (in "link resources" tab of my web application settings) doesn't work.
Does some1 faced this problem before? I will be glad for any help.
P.S. Start page of web app works, but I can't connect to db.
Did you use the portal from manage.windowsazure.com or the new one which is portal.azure.com? I would suggest you to create everything (including app service plan, resource group, web app, etc) using the new azure portal because I found some reference that stated those two portal use different API so that's maybe why there are some problem if you use both portal at the same time (I don't know why they use different API). Maybe you can try to recreate everything but using the new portal consistently and let me know the result :)
Based on the error message, the root cause of your deployment issue is due to invalid Api version parameter for the resource group: "Default-SQL-NorthEurope".
The api-version you have specified for the above resource group deployment template is 2.0, which is invalid.
The valid api-version format must be: yyyy-MM-dd
The supported suffixes: "-preview,-alpha,-beta,-rc,-privatepreview"
From the name of your resource group, it should contain Azure Sql database server and database resources.
You should use api-version: 2014-04-01-preview for the resource group above.
Below is the reference for the resource group deployment template for Azure web app and SQL database:
Azure Quickstart template: 201-web-app-sql-database
Hope this helps!

Not able to access my MVC 5 web application after adding MS Identity

I created my app using a template. After that i managed to connect it with an existing database. Then i tried to add Identity so that i will be able to authorise and authenticate users of the application. I tried to do that following the instructions of "shyamal parikh" in this post Adding ASP.NET MVC5 Identity Authentication to an existing project
My problem is that now i get a 401 error unless i got to solution explorer (in VS) and disable the windows authentication. But when i do that all the users have unrestricted access to the whole application.
I assume that the problem has to do with that solution that i performed but i cant comment directly there.
Can anyone give me a hint as to what i might be doing wrong?
Do you have windows authentication installed on your computer? Maybe adding that might help. Here are the instructions-
https://www.iis.net/configreference/system.webserver/security/authentication/windowsauthentication/providers/add
Also look at your event viewer, you might have some hints there.

Problems trying to setup Team Foundation Server 2010 with AD accounts

I was asked to setup a TFS 2010 environment so the team wouldn't have to send the project updates to each other by email. I set it up on a Windows 2008 R2 DC holding all of the AD accounts normally used for logging on to the client computers. After going through the installation and then configuration wizards, it all installed successfully.
I then added myself to the TF Administrators group and tried to log in to the web interface. But it seemed to refuse my credentials. I tried everything, creating a new TF group and adding myself to it and I tried adding myself to the project collection administrator group. Nothing seems to work.
Did I overlook a certain function or button to link the AD accounts to the TFS? Or did I do something else wrong?
By logging 'in to the web interface' do you mean the SharePoint web interface? If so, you need to grant your accounts access to the SharePoint site. The admin account that you have running the server is a SharePoint admin, so you should be able to log in as that and modify SharePoint user permissions as needed.
SharePoint security, SQL security, and TFS security are all separate from each other. But the TFS Admin Tool provides an interface for you to maintain security on all three platforms at once.

How do I access the ASP.NET Configuration Tool when a site is live? This is ASP.NET MVC

I was wondering if it's possible to access the ASP.NET Configuration Tool once a site is live. To be able to create and edit users and roles is obviously very important, and from what I've been reading, once a site is deployed, the Configuration Tool is no longer accessible. If this is the case, HOW do I add users, etc.?
By the way, I found a User Management plugin which brings a lot of the Configuration Tool's capabilities to the front end of a User Management section of the deployed website, but it DOES NOT offer the capability to add a new user. Help??? Thanks!!
That all depends. If by "going live" you mean "Publishing the website and the database to a different computer through which you cannot access the database any longer", then yes. If you still have sql access (ie. you can run SQL Management Studio from your dev machien) the no you can access it by changing your web.config.
Alternatively, you can install Visual Studio express on your remote server and be able to access it from there.
The ASP.NET Configuration Tool GUI is not available once the site is live unless you have access to the database from your development machine.
All of the settings for user authentication can be modified via your web.config file.
You can add/edit users and roles via the Membership and Roles class in the System.Web.Security namespace.
1: Website admin tool is accessible via Visual Studio only.
2: You can access your membership database on live via WSAT by changing connectionstring in your web.config to point to your live membership db.
Apart from using WSAT, asp.net has CreateUser control which you can use to create user on live. This is the same control used by WSAT.
These links should help:
CreateUserWizard
Custom WSAT Tool
http://weblogs.asp.net/scottgu/archive/2005/10/18/427754.aspx

How to grant write access to a folder in ASP.NET MVC site with IIS7?

As the title says.
Can some give me instructions how to do this
as I cannot see how.
I am used to IIS5 & 6.
Also when I try to add write access to the folder
in explorer there is no Add option to add a user ie ASPNET account.
This is on Vista
Malcolm
You need to grant access to the IIS_USRS group (for the AppPool) and the IUSR user (for anonymous access / static content).
IIS 6 and IIS 7 are using NETWORK SERVICE as account for access to the system resources. You need to give rights to this account

Resources