Re: Login failed for user '\'
From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 08/24/05
- Next message: Rainer Kroos: "ASP.NET 2.0 GridView: how-to allow edit+delete only some users / groups"
- Previous message: Dominick Baier [DevelopMentor]: "Re: Access to path **** denied."
- In reply to: Karl S.: "Re: Login failed for user '\'"
- Next in thread: Karl S.: "Re: Login failed for user '\'"
- Reply: Karl S.: "Re: Login failed for user '\'"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 24 Aug 2005 01:06:58 -0700
Hello Karl S.,
so you are trying to access a back end resource using impersonated credentials.
this is called delegation and has to be configured.
have a look at:
http://www.leastprivilege.com/TroubleshootingKerberosDelegation.aspx
---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
> Hi Dominick,
>
> I do have <identity impersonate="true" /> set in the web.config
> file. It does seem like it isn't taking though. Any thoughts on how
> to verify it?
>
> ~Karl
>
> "Dominick Baier [DevelopMentor]" wrote:
>
>> Hello Karl S.,
>>
>> do you have impersonation enabled??
>>
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>> I'm at a loss to what the solution is. I have an intranet
>>> application
>>> that
>>> runs on w2k3 with iis 6.0 security set to Integrated Windows
>>> authentication
>>> only. I am using C# in .NET 2003 (7.1.3088) w/ Framework 1.1
>>> (1.1.4322 SP1).
>>> The web.config authentication mode="Windows" and authorization set
>>> to
>>> <allow
>>> users="*" />.
>>> This app is trying to connect to SQL 7.0 on an NT server in the same
>>> domain.
>>> I currently have a web service running on the same w2k3 web server
>>> that
>>> accesses this same SQL Server but uses anonymous access (set to a
>>> domain
>>> user) and it connects just fine. Here's a stripped down version of
>>> the routine that throws the exception.
>>> private DataTable getData()
>>> {
>>> SqlConnection conn = new SqlConnection
>>> ("server=ntServer;database=myDB;
>>> Integrated
>>> Security=SSPI");
>>> conn.Open(); <--------- throws SqlException
>>> ...
>>> }
>>> When I use WindowsPrincipal.Identity.Name.ToString() to see who this
>>> .NET app is being ran as, it comes back with the correct
>>> domain\username that has proper access to the database (I even used
>>> the domain admin account). But the SQL Error message is saying
>>> "Login
>>> failed for user'\'". I tried setting the authentication mode to
>>> anonymous and use the same user and SqlConnection as my web service
>>> but I get the same error message. I've got to be missing something
>>> but what?
>>> Please help.
>>>
- Next message: Rainer Kroos: "ASP.NET 2.0 GridView: how-to allow edit+delete only some users / groups"
- Previous message: Dominick Baier [DevelopMentor]: "Re: Access to path **** denied."
- In reply to: Karl S.: "Re: Login failed for user '\'"
- Next in thread: Karl S.: "Re: Login failed for user '\'"
- Reply: Karl S.: "Re: Login failed for user '\'"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
