A ClickOnce gotcha – FIPS algorithms

If you are using FIPS, your ClickOnce applications might not work. I ran into this bug running BookSmarts, an application I wrote. Turned FIPS on and started receiving errors.

The issue is that enabling FIPS makes the mechanism that verifies the validity of ClickOnce applications fail every time.

The article, a very long one, can be found here: https://support.microsoft.com/en-us/kb/811833

Just keep this in mind if you are trying to support someone who is the odd ball out.

Note: Enabling/Disabling FIPS in Windows is done through the registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\Enabled (DWORD)

1 is on, 0 is off

When changing this setting, it’s necessary to reboot the computer.

Finding All The Logins Not Associated to Database Users

Today I ran into a particular issue, consolidating user accounts. In this particular exercise, I needed to remove old user accounts that were not tied to any databases. Here is a neat trick I did to get a reasonable number of logins to look at for disabling.

CREATE TABLE ##names (NAME SYSNAME);
EXEC sp_msforeachdb ‘insert into ##names (name) select name from [?].sys.sysusers’;

SELECT name,
loginname
FROM sys.syslogins l
WHERE NOT EXISTS ( SELECT *
FROM ##names u
WHERE u.name=l.name )

Using the unsupported sp_msforeachdb stored procedure I could dump all the usernames into a table and compare it to the logins. Simple, quick, dirty…But saved a lot of time!