Oracle – ASP.Net Error [im003] Error

October 8, 2014

Error [im003] specified driver could not be loaded due to system error  5 (oracle in oracle9i)

I had a strange error when accessing an Oracle database over ODBC using an ASP.NET (4.0 framework) Application running on IIS 6.0.

The page could not load the database tables while the ODBC manager gave no errors ?


In the eventviewer I saw a lot of ASP.NET 4.0.30319.0 – Event ID 1309


This showed definitely a security issue on the Oracle home directory.


Solution :

Oracle 9.2 Client software requires that you give the Authenticated User privilege to the Oracle Home by following these steps:

1. Log on to Windows as a user with Administrator privileges.

2. Launch Windows Explorer from the Start Menu and and navigate to the ORACLE_HOME folder. This is typically the “Ora92” folder under the “Oracle” folder (i.e. C:\Oracle\Ora92).

3. Right-click on the ORACLE_HOME folder and choose the “Properties” option from the drop down list. A “Properties” window should appear.

4. Click on the “Security” tab of the “Properties” window.

5. Click on “Authenticated Users” item in the “Name” list (on Windows XP the “Name” list is called “Group or user names”).

6. Clear the “Read and Execute” box in the “Permissions” list under the “Allow” column (on Windows XP the “Permissions” list is called “Permissions for Authenticated Users”).

7. Re-check the “Read and Execute” box under the “Allow” column (this is the box you just unchecked).

8. Click the “Advanced” button and in the “Permission Entries” list make sure you see the “Authenticated Users” listed there with:

· Permission = Read & Execute
· Apply To = This folder, subfolders and files

If this is NOT the case, edit that line and make sure the “Apply onto” drop-down box is set to “This folder, subfolders and files”. This should already be set properly but it is important that you verify this.

9. Click the “OK” button until you close out all of the security properties windows. The cursor may present the hour glass for a few seconds as it applies the permissions you just changed to all subfolders and files.

10. Reboot your computer to assure that these changes have taken effect. (no need for this in my case).

11. Re-execute the application and it should now work.

This made it works like a charm !

Reason was that IIS user did not have enough permission on the folders and subfolders ?

SSRS – Connect to an OLAP cube using XML/A

September 16, 2014

While there is native way in Report Builder 3.0 to connect to an MS SQL OLAP Cube.

I wan’t to demonstrate an alternative way to connect to ANY kind of OLAP cube that supports XML/A.

For MS SQL you first need to configure your OLAP Analisys Services to be able to connect using XML/A protocol.

For Windows Server 2003 look here for Windows Server 2008 look here

Make sure you have the IIS Application Pool settings set to be 32Bit compatible.


Once you have it running you can connect SSRS using the msmdpump.dll

Like this :


You can use multiple XML/A compatible clients like for example Kettle Spoon.


Where you can enter your MDX query and test it.

As well as just plain MS Excel to connect to the OLAP Cube using XML/A connection


Or even PowerPivot as a client to connect.


But back to SSRS, it goes like this. Choose SQL Analysis Server, and point the to the XML/A URL as connection string.


And you can access the Dimensions using regular MDX Queries.



Apart from the fact that you access multiple OLAP Cube brands like for example the In-Memory IcCube



And using Multiple Clients – see above.

It comes also is also is not blocked by the firewall since XML/A uses the HTML (80) or SHTML (443) port.

Enjoy !

Windows – Monitor the IIS logon Sessions and more …

August 29, 2014

I find it very hard to monitor who is logged on the which session in Windows.

Using the Event Viewer you get these Logon types possible:


Logon Type Description
2 Interactive (logon at keyboard and screen of system) Windows 2000 records Terminal Services logon as this type rather than Type 10.
3 Network (i.e. connection to shared folder on this computer from elsewhere on network or IIS logon – Never logged by 528 on W2k and forward. See event 540)
4 Batch (i.e. scheduled task)
5 Service (Service startup)
6 Unlock (i.e. unnattended workstation with password protected screen saver)
7 NetworkCleartext (Logon with credentials sent in the clear text. Most often indicates a logon to IIS with “basic authentication”) See this article for more information.
8 NewCredentials
10 RemoteInteractive (Terminal Services, Remote Desktop or Remote Assistance)
11 CachedInteractive (logon with cached domain credentials such as when logging on to a laptop when away from the network)

And even more difficult to monitor it for IIS using SharePoint.

Solution is given by the famous MS SysInternal Team.

They created the tool LogOnSessions.exe –p


Exporting this to a text a log file using the > “C:\Temp\LogonSessions.log” parameter give you the data to be used for later treatment.

Or use Powershell Winking smile


$Cmd ="C:\Apps\MS SysInternal\logonsessions.exe"

$cmdOutput = & $Cmd 2>&1

# echo "--------"
# echo $cmdOutput
# $cmdOutput | Tee-Object -Variable scriptOutput | % { "processing Output : $_ " }
# echo "--------"
echo ""
echo "Number of Objects $($scriptOutput.Count) Too many let's filter :)"
echo ""

$cmdOutput | Tee-Object -Variable scriptOutput | % { $_} | `

    Where-object {$_ -like '*UPN*' `
    -and $_ -notlike  "*Administrator*" `
    -and $_ -notlike  "*spFarm*" `
    -and $_ -notlike "*SRV*"} `
        |  Sort-Object -descending | Get-Unique

Output looks like this giving you only the remote users Login Accounts  (UPN)Smile


Enjoy !