We Keep Coding

MobileFirst Container Image doesn't show runtimes in Operations Console

I am using the evaluation container image for Bluemix. I have downloaded the image, and configured all the .properties files for scripts. Then pushed the image. I have used Clouding as the DB.
When I start the container, I see no runtimes displayed in Operation Console. When I open Cloudant console, I can see only one DB created with the name of the project I chose to deploy. There is no DB for administration.
I am not able to check the logs, it throws an error when I chose to create a volume in startsrver script. I am not able to login using SSH as well although I pasted the SSH public key file in usr/ssh before pushing.

The standard flow to have all up running is this:
./installcontainercli.sh
./initenv.sh args/initenv.properties
./prepareserverdbs.sh args/prepareserverdbs.properties
#this step you will repeat for each runtime you have to install.
./prepareserverdbs.sh args/prepareserverdbs.InvokingAdapterProcedures.properties
#steps to be repeated for deploys
./prepareserver.sh args/prepareserver.properties
./startserver.sh args/startserver.properties
The tricky here is that in the args/prepareserverdbs.properties the runtime property is commented.
At the file args/prepareserverdbs.InvokingAdapterProcedures.properties is the same at the file args/prepareserverdbs.properties, it is not commented.
Said that first you run:
./prepareserverdbs.sh args/prepareserverdbs.properties
then you run the following command to to create the runtime DB:
./prepareserverdbs.sh args/prepareserverdbs.InvokingAdapterProcedures.properties
After that, you follow with the deploy sequence:
#steps to be repeated for deploys
./prepareserver.sh args/prepareserver.properties
./startserver.sh args/startserver.properties
Details at: https://developer.ibm.com/mobilefirstplatform/documentation/getting-started-7-1/bluemix/run-foundation-on-bluemix/
Example of the app properties:
# Licensed Materials - Property of IBM
# 5725-I43 (C) Copyright IBM Corp. 2011, 2013. All Rights Reserved.
# US Government Users Restricted Rights - Use, duplication or
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
################################################################################################################################################
# This file defines the various properties that needs to be provided for running the prepareserverdbs.sh script
# Run prepareserverdbs.sh script to configure the management and runtime databases for the MobileFirst Platform projects.
# The Bluemix DB service type. The value can be either sqldb or cloudantNoSQLDB
DB_TYPE=cloudantNoSQLDB
# Bluemix DB service instance name
DB_SRV_NAME=CloudantDB
# Bluemix database service plan to create the service instance. For SQL DB, the accepted values are sqldb_small, sqldb_free, sqldb_premium.
# For Cloudant DB, the accepted value is Shared
DB_SRV_PLAN=Shared
# Bluemix application name to bind the DB service instance
APP_NAME=<your app name>
# (Optional) The name of the runtime project to be deployed on MFPF server. Specified only for configuring runtime database
RUNTIME_NAME=FormBasedAuth
# (Optional) Database Schema Name. Defaults to WLADMIN for admin database and runtime name for runtime database
#SCHEMA_NAME=

Installing SSRS 2012

"Install and configure" radio button is disabled for me when installing Reportin Services. Can anybody explain why?
P.S. Using SQL Server 2012, Standard Edition.

The behaviour is explained in Reporting Services Configuration Options (SSRS), though it's really impossible to tell what the specific issue is in your case.
From the article:
Install and configure Installs a report server instance in Native Mode
using the default values for the report server databases, service
account, and URL reservations. When you choose this option, the report
server instance is ready to use when Setup is finished. Setup creates
the report server database using a local Database Engine instance, and
configures a report server to use default values.
This option is available only if the default values used in a report
server installation are valid for your system. This option is
recommended for developers who want to install all components locally,
and for users who are evaluating the software.
(Emphasis added)
So there is something in your environment that is preventing this option. To investigate, the article suggests:
To view information about the default Settings that Setup uses, or to
find out why the default configuration cannot be installed, click
Details.
It also suggests looking at What is the Default Configuration to help get more details.
You will need to review all this information in your own environment to get your specific issue.

Using SQL LocalDB in a Windows Service

I have a very small test application in which I'm trying to install a Windows Service and create a LocalDB database during the install process, then connect to that LocalDB database when the Windows Service runs.
I am running into huge problems connecting to a LocalDB instance from my Windows Service.
My installation process is exactly like this:
Execute an installer .msi file which runs the msiexec process as the NT AUTHORITY\SYSTEM account.
Run a custom action to execute SqlLocalDB.exe with the following commands:
sqllocaldb.exe create MYINSTANCE
sqllocaldb.exe share MYINSTANCE MYINSTANCESHARE
sqllocaldb.exe start MYINSTANCE
Run a custom C# action using ADO.NET (System.Data.SqlConnection) to perform the following actions:
Connect to the following connection string, Data Source=(localdb)\MYINSTANCE; Integrated Security=true
CREATE DATABASE TestDB
USE TestDB
CREATE TABLE ...
Start the Windows Service before the installer finishes.
The Windows Service is installed to the LocalSystem account and so also runs as the NT AUTHORITY\SYSTEM user account.
The service attempts to connect using the same connection string used above.
I am consistently getting the following error when trying to open the connection to the above connection string from within the Windows Service:
System.Data.SqlClient.SqlException (0x80131904): A network-related or
instance-specific error occurred while establishing a connection to
SQL Server. The server was not found or was not accessible. Verify
that the instance name is correct and that SQL Server is configured to
allow remote connections. (provider: SQL Network Interfaces, error: 50
- Local Database Runtime error occurred. The specified LocalDB instance does not exist.
This is frustrating because both the msi installer custom action and the Windows Service are running under the same Windows user account (I checked, they're both NT AUTHORITY\System). So why the first works and the second does not is beyond me.
I have tried changing the connection strings used in the custom action and the Windows Service to use the share name (localdb)\.\MYINSTANCESHARE and I get the exact same error from the Windows Service.
I have tried changing the user account that the Windows Service logs on as to my Windows user account, which does work as long as I first run a command to add it to the SQL server logins for that instance.
I've also tried running a console application and connecting to the share name connection string and that works as well.
I've also tried connecting to the share name from SQL Server Management Studio and that works as well.
However none of these methods really solve my problem. I need a Windows Service because it starts up as soon as the computer starts up (even if no user logs on) and starts up no matter which user account is logged in.
How does a Windows Service connect to a LocalDB private instance?
I am using SQL Server 2014 Express LocalDB.

Picking up from the comments on the question, here are some areas to look at. Some of these have already been answered in those comments, but I am documenting here for others in case the info might be helpful.
Check here for a great source of info on SQL Server Express LocalDB:
SQL Server 2014 Express LocalDB
SqlClient Support for LocalDB
SqlLocalDB Utlity
Introducing LocalDB, an improved SQL Express (also look at the Q&A section at the end of the main post, just before the comments, as someone asked if LocalDB can be launched from a service, and the answer is:
LocalDB can be launched from a service, as long as the profile is loaded for the service account.
What version of .Net is being used? Here it is 4.5.1 (good) but earlier versions could not handle the preferred connection string (i.e. #"(localdb)\InstanceName"). The following quote is taken from the link noted above:
If your application uses a version of .NET before 4.0.2 you must connect directly to the named pipe of the LocalDB.
And according to the MSDN page for SqlConnection.ConnectionString:
Beginning in .NET Framework 4.5, you can also connect to a LocalDB database as follows:
server=(localdb)\\myInstance
Paths:
Instances: C:\Users{Windows Login}\AppData\Local\Microsoft\Microsoft SQL Server Local DB\Instances
Databases:
Created via SSMS or direct connection: C:\Users{Windows Login}\Documents or C:\Users{Windows Login}
Created via Visual Studio: C:\Users{Windows Login}\AppData\Local\Microsoft\VisualStudio\SSDT
Initial Problem
Symptoms:
Database files (.mdf and .ldf) created in the expected location:
C:\Windows\System32\config\systemprofile
Instance files created in an unexpected location:
C:\Users\{current user}\AppData\Local\Microsoft\Microsoft SQL Server Local DB\Instances
Cause (note taken from "SqlLocalDB Utility" MSDN page that is linked above; emphasis mine):
Operations other than start can only be performed on an instance belonging to currently logged in user.
Things to try:
Connection string that specifies the database (though maybe a long-shot if the error is regarding not being able to connect to the instance):
"Server=(LocalDB)\MYINSTANCE; Integrated Security=true ;AttachDbFileName=C:\Windows\System32\config\systemprofile\TestDB.mdf"
"Server=(LocalDB)\.\MYINSTANCESHARE; Integrated Security=true ;AttachDbFileName=C:\Windows\System32\config\systemprofile\TestDB.mdf"
Is the service running? Run the following from a Command Prompt:
TASKLIST /FI "IMAGENAME eq sqlservr.exe"
It should probably be listed under "Console" for the "Session Name" column
Run the following from a Command Prompt:
sqllocaldb.exe info MYINSTANCE
And verify that the value for "Owner" is correct. Is the value for "Shared name" what it should be? If not, the documentation states:
Only an administrator on the computer can create a shared instance of LocalDB
As part of the setup, add the NT AUTHORITY\System account as a Login to the system, which is required if this account is not showing as the "Owner" of the instance:
CREATE LOGIN [NT AUTHORITY\System] FROM WINDOWS;
ALTER SERVER ROLE [sysadmin] ADD MEMBER [NT AUTHORITY\System];
Check the following file for clues / details:
C:\Users{Windows Login}\AppData\Local\Microsoft\Microsoft SQL Server Local DB\Instances\MYINSTANCE\error.log
In the end you might need to create an actual account to create and own the Instance and Database, as well as run your service. LocalDB really is meant to be user-mode, and is there any downside to having your service have its own login? And you probably wouldn't need to share the instance at that point.
And in fact, as noted by Microsoft on the SQL Server YYYY Express LocalDB MSDN page:
An instance of LocalDB owned by the built-in accounts such as NT AUTHORITY\SYSTEM can have manageability issues due to windows file system redirection; Instead use a normal windows account as the owner.
UPDATE (2015-08-21)
Based on feedback from the O.P. that using a regular User account can be problematic in certain environments, AND keeping in mind the original issue of the LocalDB instance being created in the %LOCALAPPDATA% folder for the user running the installer (and not the %LOCALAPPDATA% folder for NT AUTHORITY\System ), I found a solution that seems to keep with the intent of easy installation (no user to create) and should not require needing extra code to load the SYSTEM profile.
Try using one of the two built-in accounts that is not the LocalSystem account (which does not maintain its own registry info. Use either:
NT AUTHORITY\LocalService
NT AUTHORITY\NetworkService
Both have their profile folders in: C:\Windows\ServiceProfiles
While I have not been able to test via an installer, I did test a service logging on as NT AUTHORITY\NetworkService by setting my SQL Server Express 2014 instance to log on as this account, and restarted the SQL Server service. I then ran the following:
EXEC xp_cmdshell 'sqllocaldb c MyTestInstance -s';
and it created the instance in: C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Microsoft SQL Server Local DB\Instances
I then ran the following:
EXEC xp_cmdshell N'SQLCMD -S (localdb)\MyTestInstance -E -Q "CREATE DATABASE [MyTestDB];"';
and it had created the database in: C:\Windows\ServiceProfiles\NetworkService

I was able to solve similar issue in our WiX installer recently. We have a Windows service, running under SYSTEM account, and an installer, where LocalDB-based storage is one of the options for database configuration. For some time (a couple of years actually) product upgrades and service worked quite fine, with no issues related to LocalDB. We are using default v11.0 instance, which is created in SYSTEM profile in C:\Windows\System32\config tree, and a database specified via AttachDbFileName, created in ALLUSERSPROFILE tree. DB provider is configured to use Windows authentication. We also have a custom action in installer, scheduled as deferred/non-impersonate, which runs DB schema updates.
All this worked fine until recently. After another bunch of DB updates, our new release started to fail after having upgraded over the former - service was unable to start, reporting infamous "A network-related or instance-specific error occurred while establishing a connection to SQL Server" (error 50) fault.
When investigating this issue, it became apparent that the problem is in a way WiX runs custom actions. Although non-impersonated CA-s run under SYSTEM account, the registry profile and environment remain that of current user (I suspect WiX loads these voluntary when attaching to user's session). This leads to incorrect path being expanded from the LOCALAPPDATA variable - the service receives SYSTEM profile one, but the schema update CA works with the user's one.
So here are two possible solutions. The first one is simple, but too intrusive to user's system - with cmd.exe started via psexec, recreate broken instance under the SYSTEM account. This was not an option for us as the user may have other databases created in v11.0 instance, which is public. The second option assumed lots of refactoring, but wouldn't hurt anything. Here is what to do to run DB schema updates properly with LocalDB in WiX CA:
Configure your CA as deferred/non-impersonate (should run under SYSTEM account);
Fix environment to point to SYSTEM profile paths:
var systemRoot = Environment.GetEnvironmentVariable("SystemRoot");
Environment.SetEnvironmentVariable("USERPROFILE", String.Format(#"{0}\System32\config\systemprofile", systemRoot));
Environment.SetEnvironmentVariable("APPDATA", String.Format(#"{0}\System32\config\systemprofile\AppData\Roaming", systemRoot));
Environment.SetEnvironmentVariable("LOCALAPPDATA", String.Format(#"{0}\System32\config\systemprofile\AppData\Local", systemRoot));
Environment.SetEnvironmentVariable("HOMEPATH", String.Empty);
Environment.SetEnvironmentVariable("USERNAME", Environment.UserName);
Load SYSTEM account profile. I used LogonUser/LoadUserProfile native API methods, as following:
[DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool LogonUser(
string lpszUserName,
string lpszDomain,
string lpszPassword,
int dwLogonType,
int dwLogonProvider,
ref IntPtr phToken);
[StructLayout(LayoutKind.Sequential)]
struct PROFILEINFO
{
public int dwSize;
public int dwFlags;
[MarshalAs(UnmanagedType.LPWStr)]
public String lpUserName;
[MarshalAs(UnmanagedType.LPWStr)]
public String lpProfilePath;
[MarshalAs(UnmanagedType.LPWStr)]
public String lpDefaultPath;
[MarshalAs(UnmanagedType.LPWStr)]
public String lpServerName;
[MarshalAs(UnmanagedType.LPWStr)]
public String lpPolicyPath;
public IntPtr hProfile;
}
[DllImport("userenv.dll", SetLastError = true, CharSet = CharSet.Unicode)]
[return: MarshalAs(UnmanagedType.Bool)]
static extern bool LoadUserProfile(IntPtr hToken, ref PROFILEINFO lpProfileInfo);
var hToken = IntPtr.Zero;
var hProfile = IntPtr.Zero;
bool result = LogonUser("SYSTEM", "NT AUTHORITY", String.Empty, 3 /* LOGON32_LOGON_SERVICE */, 0 /* LOGON32_PROVIDER_DEFAULT */, ref token);
if (result)
{
var profileInfo = new PROFILEINFO();
profileInfo.dwSize = Marshal.SizeOf(profileInfo);
profileInfo.lpUserName = #"NT AUTHORITY\SYSTEM";
if (LoadUserProfile(token, ref profileInfo))
hProfile = profileInfo.hProfile;
}
Wrap this in an IDisposable class, and use with a using statement to build a context.
The most important - refactor your code to perform necessary DB updates in a child process. This could be a simple exe-wrapper over your installer DLL, or stand-alone utility, if your already have one.
P.S. All these difficulties could be avoided, if only Microsoft let uses choose where to create LocalDB instances, via command line option. Like Postgres' initdb/pg_ctl utilities have, for example.

I suggest using a different user account, and not using the System account, by doing the following:-
create a new account on the machine, and set that to be the account
under which the Windows Service runs. It's not good practice to use
the system account just to run an application, anyway, as the
permissions are excessive.
ensure that the permissions on the LocalDB files are set to allow the said user account to access the database (and thus continue to
use Integrated Security)
make sure it works by trying to connect to the DB (once installed) under the same user account by running sqlcmd or Management Studio
under the context of the said user, then connecting with Integrated
Security to ensure it works.
Some other things to try/consider:
have you checked the Windows Event log for any events that might be useful for diagnostic purposes?
Make sure that if you have any other versions of SQL Server (especially prior to 2012) that for the command-line tools, the %PATH% isn't set to find an older tools version first. Older tools don't support LocalDB.
It is possible also (as an alternative) to set up LocalDB to be shared with other users. This involves sharing the instance, and then granting access to other users. See the "Sharing Issues" section in this article: Troubleshoot SQL Server 2012 Express LocalDB.
There's also another SO article that may contain some more useful information there in the links within (change the language in the URL from Polish to English by changing pl-pl to en-us). His work-around is using SQL Server accounts, which might not be OK in your case.
This might also be useful, as it relates to security permissions being denied, and possible resolutions: https://dba.stackexchange.com/questions/30383/cannot-start-sqllocaldb-instance-with-my-windows-account

Trevor, the problem you have is with the MSI custom actions. You must configure them with "Impersonate=false" otherwise the custom actions will be executed under the current user context.
BTW what tool are you using to create the installer?
Depending on the tool you use, could you please provide screenshots or code snippets of your custom actions configuration?
The accepted answer from this post will give you some additional information about the different custom action execution alternatives:
Run ExeCommand in customAction as Administrator mode in Wix Installer
You will find additional information about impersonation here:
http://blogs.msdn.com/b/rflaming/archive/2006/09/23/768248.aspx

I wouldn't create the database under the system's localdb instance. I'd create it under the current user installing the product. This will make life much easier if you need to delete or manage the database. They can do this through sql management studio. Otherwise, you'll have to use psexc or something else to launch a process under the SYSTEM account to manage it.
Once the db is created, then use the share option you mentioned. The SYSTEM account can then access the database through the share name.
sqllocaldb share MSSqlLocalDb LOCAL_DB
When sharing, I've noticed you'll have to restart the the local db instance to actually access the db through the share name:
sqllocaldb stop MSSQLLocalDB
sqllocaldb start MSSQLLocalDB
Also, You may need to add the SYSTEM account as a db reader and writer to the database ...
EXEC sp_addrolemember db_datareader, 'NT AUTHORITY\SYSTEM'

Configuring NuGet server to use Authentication

The release notes for NuGet 1.5 state
NuGet now supports connecting to private repositories that require basic
or NTLM authentication.
However, the link contained in there simply leads to the hosting your own nuget feeds page, without any further mention of how to set up authentication.
I would like to set up a NuGet server that is accessible via https from the internet, but only allows people who can successfully authenticate to view or download the packages on the server.
I did create an application without auth as described in the Creating Remote Feeds section in the documentation, and it works nicely on the intranet. What do I have to do to enable authentication on this repo?
An additional requirement would be that solution should not cost hundreds of dollars (the first two answers promote products that might solve the problem but cost a lot).

This can be done by enabling Windows Authentication on the Web Site and adding credentials on the build server via the Sources command-line option, by default the credentials are stored using a DPAPI key restricted to the current user on the current machine (thus, for a build server, you would need to add credentials while logged in under the service account.)
For Developer workstations you only need to add the feed in NuGet Package Manager and then input/store credentials when refreshing the feed (you should be prompted.)
Step 1 - Require Authentication on NuGet Server (IIS Configuration)
You need to make sure the authentication module you wish to use is installed for IIS, for NTLM auth you will need the Windows Authentication module. Once installed you can open IIS Manager and drill down to your website, open the Authentication settings and Enable Windows Authentication, be sure to disable any authentication modules you do not want to support (such as Anonymous, Basic, etc.)
To ensure that user credentials are used, right-click on the Site and select "Advanced Settings", then click on the button for "Physical Path Credentials". In the dialog ensure that "Application User (pass-through authentication)" is selected.
More detailed information about standard IIS configuration for Windows Authentication can be found on TechNet including configuring from a command-line and enabling Negotiate (if that was your goal.)
Step 2 - Add Sources to NuGet Config (Build Server, Publishers)
nuget.exe sources add -Name "Fabrikam Feed" -Source "https://nuget.fabrikam.com:443/nuget/"
nuget.exe sources add -Name "Fabirkam Publish" -Source "https://nuget.fabirkam.com:443/"
Here we are adding two entries, one which will be used as the normal, authenticated Feed URL (for fetching packages from the server.) The second will be used for publishing to the server (adding or updating nupkg files.)
Step 3 - Update Credentials for Added Sources (Build Server, Publishers)
nuget.exe sources update -Name "Fabrikam Feed" -Source "https://nuget.fabrikam.com:443/nuget/" -UserName "Developer" -Password "g0d"
nuget.exe sources update -Name "Fabrikam Publish" -Source "https://nuget.fabrikam.com:443/" -UserName "Developer" -Password "g0d"
Here we have added credentials to the config, if you view %APPDATA%\NuGet\NuGet.config you should see the feeds you have added as well as encrypted credentials.
If you do not have the ability to log in as the server it is possible to store credentials in clear text by utilizing the StorePasswordInClearText option, but this is not advised in a shared environment.
Step 4 - (Optional) Disable the Publish URL in Visual Studio (Developers)
Open Visual Studio and navigate to the NuGet Package Manager Settings Dialog, untick the "Fabrikam Publish" feed. This will not affect your ability to publish, however, if you do not disable this feed you will receive errors when you try and refresh packages for "All" sources (as it is a publish URL, not a feed URL.)
Step 5 - (Optional) Store Windows Credentials in Visual Studio (Developers)
Open Visual Studio and navigate to the NuGet Package Manager, click on "Fabrikam Feed". You should be prompted for credentials. You can enter credentials here and tick the save/remember options. This ensures that attempting to refresh the feed in Visual Studio doesn't constantly ask for credentials. In the latest releases of NuGet Package Manager the feed is fetched using a standard HTTP request and the credentials you've stored to nuget.config are NOT used.
Notes:
You do not need a third party solution to host private, secure feeds. NuGet server is freely available and NTLM/AD/Windows security is supported by both IIS and NuGet tooling.
Developers who do not need to publish to the feed do not need to store credentials in their config. They also do not need a 'Publish' feed configured. This is only necessary for build servers or other publishers (re: Steps 2 and 3.)
All developers who will use the package feed will be interested in Step 5, this should be all that is required for most developers. They can simply add the feed from within Visual Studio, then enter their credentials when prompted.
If credentials change you can navigate to Start -> Manage Windows Credentials and delete "VSCredentials_nuget.fabrikam.com".
Step 2 can be performed in visual studio, but for clarity I've given the command-line here. Step 3, however, must be performed via command-line (or using the NuGet APIs.)
In a future release of NuGet rumor is credential information can be stored at the solution or project level (details are unclear), this is likely only of interest to people in a multi-tenant build environment where they do not have access to the build server.
Hope this helps someone else out there!

The solution I actually chose was to use TeamCity as NuGet server; while it's a bit of a hassle to set up because it lacks nuget push functionality, it now works nicely and at no additional cost serving NuGet packages to authenticated users only.

SQLExpress connection fails in IIS 7 w/ user instance error - "Failed to generate a user instance

Mainly looking to answer my question #1 below, but more knowledge would be appreciated.
I tried to use these resources during my investigation, but was unsuccessful:
http://social.msdn.microsoft.com/Forums/en/sqldatabaseengine/thread/f5eb164d-9774-4864-ae05-cac99740949b (For this error: Failed to generate a user instance of SQL Server due to failure in retrieving the user's local application data path. Please make sure the user has a local user profile on the computer. The connection will be closed.)
http://social.msdn.microsoft.com/forums/en-US/sqlexpress/thread/6dfdcc22-7a81-4e8f-a947-c1ce6982d4b3/ (For this error: CREATE DATABASE permission denied in database master. An attempt to attach an auto-named database for file ? failed. A database with the same name exists, or specified file cannot be opened, or it is located on UNC share.)
Questions
1.) Why does this error occur while running the Telerik Rad Controls for ASP.NET AJAX "Live Demos" project with IIS 7 (Running Telerik Live Demos works fine using ASP.NET Development Server with this connection string)
Failed to generate a user instance of SQL Server due to failure in retrieving the user's local application data path. Please make sure the user has a local user profile on the computer. The connection will be closed.
2.) How is creating a SQL Server Express instances different in IIS 7, from ASP.NET Development Server & SSMSE
3.) Are there certain attributes of a SQL connection string not allowed when running a website on different contexts (based on #2).
Environment:
I'm not running the "Live Demos" .NET 3.5 ASP.NET web application via the ASP.NET Development Server (feature that pops up in your system tray and picks a port for you after clicking play in Visual Studio). That works just fine! I'm running the website on IIS 7. SQL Server Express is using the NETWORK SERVICE user in Control Panel > Administrative Tools > Services > SQL Server (SQLExpress).
Using this connection string provided with the installed "Live Demos" web application demo project:
<add name="NorthwindConnectionString"
connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|Northwind.mdf;Integrated Security=True;User Instance=True"
providerName="System.Data.SqlClient" />
I've tried setting "User Instance=False", but that just throws another error:
CREATE DATABASE permission denied in database master. An attempt to attach an auto-named database for file ? failed. A database with the same name exists, or specified file cannot be opened, or it is located on UNC share.
(where "?" is the path of the *.mdf file - C:\Users\\MyDocuments\Visual Studio 2008\Projects\TelerikDemos\Telerik\RadControls for ASP.NET AJAX Q2 2011\Live Demos\App_Data\Northwind.mdf .. Stack Overflow italics is broken with some of those characters, so I had to remove that path)
Someone answered me on a previous question to set this "User Instance=False", but it appears User instances have nothing to do with whether or not you use SQL Express. User Instances are simply a feature of SQL Express that allows a very unprivileged user to host a database instance in it's own user context.
Note, this Northwind database is stored in an *.mdf file in the App_Data folder (under the "Live Demos" root application directory) along with the *.ldf (log file). I did previously try attaching the *.mdf files as actual databases under the "Databases" folder (in the SSMSE Object Explorer tree), but later removed them.
Web application "Live Demos" root folder (and nested folders/files) have the following users assigned with ALL privileges:
- IIS APPPOOL\Telerik ("Telerik" is the name of my application pool in IIS 7 for this site)
- IUSR
- NETWORK SERVICE
Making a note for myself about this SQLExpress master database query:
SELECT * FROM sys.dm_os_child_instances
Also tried different combinations of *.mdf & *.ldf permissions while also changing the user on the SQL Server (SQLExpress) Windows 7 service (Control Panel > Administrative Tools > Services) .. and also restarted the service after making those changes.
To reproduce:
download the Telerik Rad Controls for ASP.NET AJAX. Set the permimssions I mentioned in the "Live Demos" folder under Program Files\Telerik, change the .NET version of the web application to .NET 3.5, switch out their 3.5 web.config file with the normal web.config file in that folder. You have to use Visual Studio 2010, but I am running this in Visual Studio 2008 (with a little grunt work I did because our company is not yet on VS2010). Also switch out the proper Bin35 assemblies into the "Live Demos" folder Bin folder. Compile the solution. Create an IIS 7 website. Add Windows authentication. Enabled anonymous and Windows authentication.. all others are disabled. Set application pool to use Classic and 32 bit.
Then navigating to this URL and clicking the "First Look" image.
http://localhost/combobox/examples/overview/defaultcs.aspx
====================
More evidence will be provided if requested.

You are using a connection string with trusted authentication = true. This means that the connection uses the security context of the calling process.
When you run with the development server you are running in the security context of the logged in user, so every thing works fine.
When you run in IIS you are in the security context of the application pool process, which is NETWORK SERVICE, which does not have a user profile, therefore it crashes.
You can fix it by either:
Change the identity of the application pool to a normal user with access to the database
Use a connection string with user name and password

IIS doesn't load the Windows user profile, but certain applications might take advantage of it anyway to store temporary data. SQL Express is an example of an application that does this. However, a user profile has to be created to store temporary data in either the profile directory or in the registry hive. The user profile for the Network Service account was created by the system and was always available. However, with the switch to unique Application Pool identities, no user profile is created by the system. Only the standard application pools (DefaultAppPool and Classic .NET AppPool) have user profiles on disk. No user profile is created if the Administrator creates a new application pool.
However, if you want, you can configure IIS application pools to load the user profile by setting the LoadUserProfile attribute to "true".
https://learn.microsoft.com/en-us/iis/manage/configuring-security/application-pool-identities