I have created a share and added that share to a reader account.
Now I have executed a create user statement there in the reader account i.e.
CREATE or replace USER client_test
PASSWORD = 'Client4321'
LOGIN_NAME = 'client'
DISPLAY_NAME = 'client test'
FIRST_NAME = 'client'
LAST_NAME = 'test'
EMAIL = 'mukul.kumar#gmail.com'
DEFAULT_ROLE = sysadmin;
This statement gets executed without any error and also I can see the user details under the account tab in snowflake UI
but still, when I am trying to login into this newly created user, there is an error of incorrect username or password coming up.
Is creating a user in a reader account not allowed or anything like there in snowflake?
I haven't found documentation on this as such. It will be appreciated if anyone helps me out with this.
The issue here is that the login_name is the one which should be used for logging in to the SF application. Use "client" and "Client4321" to login and it will be successful.
Related
I am using AWS cognito API to create User in pool. User is being created successfully in Pool.
Following is the code for that . But this code create user with FORCE_CHANGE_PASSWORD state but I want to create user in UNCONFIRMED state. Can someone help me on this?
AdminCreateUserRequest cognitoRequest =
new AdminCreateUserRequest().withUserPoolId(id)
.withUsername(r.getEmail())
.withTemporaryPassword(r.getPassword().trim())
.withUserAttributes(new AttributeType().withName(Constants.EMAIL).withValue(r.getEmail().trim()))
.withUserAttributes(new AttributeType().withName(Constants.EMAI_VERIFIED).withValue("false"))
.withUserAttributes(new AttributeType().withName(Constants.GIVEN_NAME).withValue(r.getFirstName().trim()))
.withUserAttributes(new AttributeType().withName(Constants.FAMILY_NAME).withValue(r.getLastName().trim()));
You can use SignUpRequest to create user with unconfirmed status
SignUpRequest request = new SignUpRequest().withClientId(clientId)
.withUsername(userSignUpRequest.getUsername()).withPassword(userSignUpRequest.getPassword())
.withUserAttributes(emailAttr, groupAttr);
return cognitoClient.signUp(request)
After signup, user will get code on the email mentioned during signup.You can confirm user signup using different request taking code from user as input.
I'm new to Gerrit. The guy that made the setup left the company and now I need to create an account for a new employee.
We're using LDAP to authenticate. It works for all registered users.
The new user should be able to login to Gerrit if he already has an account that is supplied through LDAP. Right?
But, when he tries to login, the error "Cannot assign user name "Example Name" to account 1000054; name does not conform." appears.
Detail: The account number(1000054, in the example) gets increased after each unsuccessful login attempt.
Detail2: if a wrong password is entered, an error of wrong email/password is thrown.
Talking with the LDAP admin, he told that the request for the user hasn't arrived at the LDAP server.
Tried to open Gerrit DB using java -jar bin/gerrit.war gsql. There in nothing related to this new user in "ACCOUNTS" and "ACCOUNT_EXTERNAL_IDS" tables.
Our settings:
[ldap]
server = ldap://LDAP_SERVER_IP
accountBase = OU=Usuários Rede,OU=COMPANY,DC=COMPANY,DC=com,DC=br
groupBase = OU=Grupos,OU=COMPANY,DC=COMPANY,DC=com,DC=br
referral = follow
accountPattern = (mailNickname=${username})
groupPattern = (memberOf=${cn})
accountFullName = cn
accountEmailAddress = mail
accountSshUserName = cn
username = ldapread#COMPANY_NAME.com.br
password = PASS
How can I debug what's wrong in here? The usernames in our company follow the pattern name.surname.
I'm really lost. Thanks in advance.
I compared our settings with yours and I think something is missing in the accountPattern and groupPattern. This is our settings:
accountPattern = (&(objectClass=user)(sAMAccountName=${username}))
groupPattern = (&(objectClass=group)(cn=${groupname}))
The "objectClass=xxxx" clause is shown in the Gerrit documentation ldap example too.
But I can't explain why it doesn't work only for new users.
I finally could get it to work!
What I did:
Stopped Gerrit (./bin/gerrit.sh stop)
Opened the database (java -jar bin/gerrit.war gsql)
Inserted new row in ACCOUNTS table (insert into ACCOUNTS values ('2018-10-11 00:00:00.000', 'Name Surname', 'name.surname#company.com.br', 'N', 'NULL', 1000052);)
Inserted two new rows in ACCOUNT_EXTERNAL_IDS table referencing the new user id (insert into ACCOUNT_EXTERNAL_IDS values ('1000052', 'name.surname#company.com.br', 'NULL', 'gerrit:name.surname'); and insert into ACCOUNT_EXTERNAL_IDS values ('1000052', 'NULL', 'NULL', 'username:name.surname');)
Started Gerrit again (./bin/gerrit.sh start)
If anyone can explain what happened here... Please!
During some testing I applied SID value 0x01050000000000051500000085E77E2F11C35F7307E53B2B531D0200 of a system account received from SUSER_SIDfunction to User Mapping of a certain Login object in SSMS. Now based on that I cannot get rid of it as I keep getting an error message Value was either too large or too small for a UInt64 no matter what I enter or erase. I would appreciate if somebody would know how to get rid of a certain User Mapping either via UI or code specially when I encountered such an error message, thank you
Your actions were:
Open login properties of some windows login
Changing the corresponding user for some database to sid (why on the erth did you map the login to the user named as sid???)
This corresponds to the following code:
alter user... with name = [0x01050000000000051500000085E77E2F11C35F7307E53B2B531D0200];
Now you want to do the inverse action, so you need to execute this code:
use CDR_MDS;
alter user [0x01050000000000051500000085E77E2F11C35F7307E53B2B531D0200] with name = NAME=[GROUP\gg ORG RAACO MS BI Team];
I am debugging confirmation email flow when signing up a new User in Asp.Net Core web application with Identity Server 4.
Since I had already signed up with my actual email, to reuse it, I modified the UserName and Email in AspNetUsers table using SQL Update to some random value.
Now when I am signing up with the original email again. I am getting a duplicate user error
result = await _userManager.CreateAsync(user, model.Password);
I have already:
Cleared browser cache.
Closed local IIS Express
Restarted Visual Studio.
Used_userManager.DeleteAsync() after updating the UserName and Email back to original values but this gives an Microsoft.AspNetCore.Identity.IdentityError with description Optimistic concurrency failure, object has been modified.
On running this query on Sql Server
select * from INFORMATION_SCHEMA.COLUMNS where COLUMN_NAME in ( 'UserName' , 'Email')
I get the following:
I know that this is not a good practice to mess with backend, but this is development environment and I could continue my work with another email.
I would request readers to help in understanding how the User could be safely scorched to be able to reuse the email.
Appreciate your time
I agree with Kyle's comment and to further speed up your debug process you should note that if you use gmail to do this you can debug this process using one email.
from google/gmails perspective myaccount#gmail.com == my.acount#gmail.com == m.y.a.c.c.ount#gmail.com etc etc just try it out, google disregards all period characters in the email. you can enumerate/exhaust ~2^8 emails (in this example) if you just enumerate through the local-part of the e-mail address. but from your applications side, myaccount#gmail.com is not the same as my.account#gmail.com, ie they are different user accounts. Basically you can use one email to test out this feature of yours without having to delete the user.
Here is how I did it and finally got passed the pesky "concurrency failure" error message... This works in ASP.NET CORE 2.2
Obtain the user object through the FindByName method first.
Remove the user from their assigned Role (in this case I hard coded "Admin" because that is the role I'm interested in but fill in your own), then delete the user.
//Delete user.
//Obtain the user object through the FindByName method first.
//Remove the user from their assigned Role, then delete the user.
var userManager = serviceProvider.GetRequiredService<UserManager<ApplicationUser>>();
ApplicationUser delAppUser = new ApplicationUser
{
Email = "SomeEmailForindividualAdminUser",
UserName = "SomeUsernameindividualAdminUser"
};
Task <ApplicationUser> taskGetUserAppUser = userManager.FindByNameAsync(delAppUser.UserName);
taskGetUserAppUser.Wait();
Task<IdentityResult> taskRemoveFromRoleAppUser = userManager.RemoveFromRoleAsync(taskGetUserAppUser.Result, "Admin");
taskRemoveFromRoleAppUser.Wait();
Task<IdentityResult> taskDeleteAppUser = userManager.DeleteAsync(taskGetUserAppUser.Result);
taskDeleteAppUser.Wait();
I am not looking for a solution that involves the user, a token generated, and emailing in order to reset a user's password.
The scenario is a user contacts the admins and asks them to reset their password (internal organization web app). They are then told what that new temporary password is so they can log in and change it.
I see no function that lets me do the above. My attempt:
string passwordToken = await UM.GeneratePasswordResetTokenAsync(user.Id);
IdentityResult res = await UM.ResetPasswordAsync(user.Id, passwordToken, "newPassword##!$%");
UM is UserManager.
I get error "No IUserTokenProvider is registered". I think GeneratePasswordResetToken is the one causing the error. If so, why?
How do I properly do what I need?
Use the combination of RemovePasswordAsync and AddPasswordAsync
UserManager.RemovePasswordAsync(user.Id);
UserManager.AddPasswordAsync(user.Id, tempPassword);