A critical vulnerability was discovered in React Server Components (Next.js). Our systems remain protected but we advise to update packages to newest version. Learn More.

AI OnAI Off

Home / Blogs / 2015 / 10 /

Henrik Fransas

Oct 27, 2015

13571

(5 votes)

How to create a admin sql user through code

Sometimes you need to have a sql user in your development environment and this is easy to create by code on startup of the application.

In this example I added an if statement so that this is only running if the application are running in debug mode and this is because I do not want this to be created in test och production, only in dev environment.

Important, if you copy this, change the username and password to fit your needs, this is just an example with a generated password!!!

using System.Configuration.Provider;
using System.Web.Security;
using EPiServer.Framework;
using EPiServer.Framework.Initialization;
using EPiServer.Logging.Compatibility;

namespace Alloy46.Business
{
    [InitializableModule]
    public class CreateAdminUserAndRoles : IInitializableModule
    {
        private static readonly ILog Log = LogManager.GetLogger(typeof(CreateAdminUserAndRoles));

        public void Initialize(InitializationEngine context)
        {
#if DEBUG
            var mu = Membership.GetUser("EpiSQLAdmin");

            if (mu != null) return;

            try
            {
                Membership.CreateUser("EpiSQLAdmin", "6hEthU", "EpiSQLAdmin@site.com");

                try
                {
                    this.EnsureRoleExists("WebEditors");
                    this.EnsureRoleExists("WebAdmins");

                    Roles.AddUserToRoles("EpiSQLAdmin", new[] { "WebAdmins", "WebEditors" });
                }
                catch (ProviderException pe)
                {
                    Log.Error(pe);
                }
            }
            catch (MembershipCreateUserException mcue)
            {
                Log.Error(mcue);
            }
#endif
        }

        public void Uninitialize(InitializationEngine context)
        {
        }

        private void EnsureRoleExists(string roleName)
        {
            if (Roles.RoleExists(roleName)) return;

            try
            {
                Roles.CreateRole(roleName);
            }
            catch (ProviderException pe)
            {
                Log.Error(pe);
            }
        }
    }
}

Oct 27, 2015

Comments

Aria Zanganeh Jan 19, 2017 11:46 AM

Great idea. I could in production this can become security breach! I think we just need to have this in DEBUG mode and RELEASE mode we should exclude:

#define DEBUG

Henrik Fransas Jan 20, 2017 08:49 AM

Aria

This means that is is only running in debug-mode, but yes you are hardcoding a password and if someone reverse your code they will see it, but for that you can instead define the name and password in web.config (I do not think you get that info).

Kristoffer Lindén Dec 14, 2017 09:54 AM

Updated version for CMS 11 is found here.

https://world.episerver.com/blogs/kristoffer-linden/dates/2017/12/create-episerver-login-account-by-code/

/Kristoffer

Please login to comment.

Looking back at Optimizely in 2025

Explore Optimizely's architectural shift in 2025, which removed coordination cost through a unified execution loop. Learn how agentic Opal AI and...

Andy Blyth | Dec 17, 2025 |

Cleaning Up Content Graph Webhooks in PaaS CMS: Scheduled Job

The Problem Bit of a niche issue, but we are building a headless solution where the presentation layer is hosted on Netlify, when in a regular...

Minesh Shah (Netcel) | Dec 17, 2025

A day in the life of an Optimizely OMVP - OptiGraphExtensions v2.0: Enhanced Search Control with Language Support and Synonym Slots

Supercharge your Optimizely Graph search experience with powerful new features for multilingual sites and fine-grained search tuning. As search...

Graham Carr | Dec 16, 2025

A day in the life of an Optimizely OMVP - Optimizely Opal: Specialized Agents, Workflows, and Tools Explained

The AI landscape in digital experience platforms has shifted dramatically. At Opticon 2025, Optimizely unveiled the next evolution of Optimizely Op...

Graham Carr | Dec 16, 2025

See all blogs