Windows authentication from ASP.NET to SQL Server
From: Nils Magnus Englund (nils.magnus.englund_at_orkfin.no)
Date: 08/09/05
- Next message: Cactus Corp.: "Re: Another Sql Injection"
- Previous message: Joe Kaplan \(MVP - ADSI\): "Re: Another Sql Injection"
- Next in thread: Dominick Baier [DevelopMentor]: "Re: Windows authentication from ASP.NET to SQL Server"
- Reply: Dominick Baier [DevelopMentor]: "Re: Windows authentication from ASP.NET to SQL Server"
- Reply: Paul Clement: "Re: Windows authentication from ASP.NET to SQL Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 9 Aug 2005 11:43:56 +0200
Hello,
I am having trouble using Integrated Windows Authentication between our
intranet server and our database server, both of which are on our local
domain.
Windows authentication works for our intranet server - my domain user
"DOM\nme" is correctly authenticated and authorized to view the ASP.NET page
on our intranet. In Web.config, I have both <identity impersonate="true" />
and <authentication type="Windows" />. I have disabled anonymous access in
IIS 6.0.
Windows authentication also works for the SQL Server; when logged on to the
domain, I can start Query Analyzer and connect to the SQL Server using
Windows authentication. Permissions on the SQL Server are also correctly set
up.
However, problems arise when I want to connect to the SQL Server from the
ASP.NET page - I get the fairly common error message below:
Login failed for user '(null)'. Reason: Not associated with a trusted SQL
Server connection.
Although I do get a lot of hits when searching for this specific error, I
still can't seem to find the cause of the problem.
The connection string I'm using to connect to the SQL Server is:
"Server=DB;Integrated Security=SSPI;Database=IntranetDB".
When setting <identity impersonate="false">, I get the error message "Login
failed for user 'DOM\INTRANET$'." - DOM\INTRANET$ is the hostname of the
intranet server.
In the database servers event log, I can see two events (supplied below)
after trying to authenticate (unsuccessfully) from the ASP.NET application
to the SQL Server as "DOM\nme".
What do I need to do to let users use Windows authentication against the DB
server as well?
Regards,
Nils Magnus Englund
(event log entries follows...)
Date: 08.08.2005
Source: Security
Time: 15:14:55
Category: Logon/Logoff
Type: Success Audit
Event ID: 540
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DB
Description:
Successful Network Logon:
User Name:
Domain:
Logon ID: (0x0,0x5CE408)
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: INTRANET
Logon GUID: -
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: -
Source Port: -
Date: 08.08.2005
Source: Security
Time: 15:14:55
Category: Logon/Logoff
Type: Success Audit
Event ID: 538
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DB
Description:
User Logoff:
User Name: ANONYMOUS LOGON
Domain: NT AUTHORITY
Logon ID: (0x0,0x5CE408)
Logon Type: 3
- Next message: Cactus Corp.: "Re: Another Sql Injection"
- Previous message: Joe Kaplan \(MVP - ADSI\): "Re: Another Sql Injection"
- Next in thread: Dominick Baier [DevelopMentor]: "Re: Windows authentication from ASP.NET to SQL Server"
- Reply: Dominick Baier [DevelopMentor]: "Re: Windows authentication from ASP.NET to SQL Server"
- Reply: Paul Clement: "Re: Windows authentication from ASP.NET to SQL Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
