Re: Can my ASP.NET dev workstation see remote SQL server?

From: Kevin McDonnell [MSFT] (kevmc_at_online.microsoft.com)
Date: 03/11/04


Date: Thu, 11 Mar 2004 20:31:01 GMT

Login failed for user 'null' means that we were unable to 'impersonate' the
user. We need to be able to impersonate when we authenticate to SQL using
your Windows NT credentials.

Typical client server environment:

Scenario 1:
Client ----> SQL
If this fails, then it may be a problem with the communication between the
client and the Domain Controller. You can make network traces from the
client and /or enable Kerberos logging to verify if this is the case. This
may occur when using sockets, but not with Named Pipes connections.

Scenario 2:
Web Server/SQL Environment

Client--->IIS--->SQL.

If your scenario looks like the Scenario 2 (Web Server/SQL Environment),
then this scenario is more complicated to configure.
The middle machine (IIS) must be trusted for Security Delegation. And the
Domain Admin needs to set the spn for SQL Server.
The client machine must use TCP/IP and authenticate via Kerberos
authentication. If it uses NTLM, then this will fail with "Login failed
for user 'null'".

This article goes over various scenarios:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
ml/SecNetch05.asp

Thanks,

Kevin McDonnell
Microsoft Corporation

This posting is provided AS IS with no warranties, and confers no rights.



Relevant Pages

  • RE: NT Authentication
    ... Typical client server environment: ... Client ----> SQL ... If your scenario looks like the Scenario 2, ... The client machine must use TCP/IP and authenticate via Kerberos ...
    (microsoft.public.sqlserver.security)
  • RE: Add NT users
    ... Typical client server environment: ... Client ----> SQL ... If your scenario looks like the Scenario 2, ... The client machine must use TCP/IP and authenticate via Kerberos ...
    (microsoft.public.sqlserver.security)
  • Re: Dont understand what version of SQL to install
    ... I'm talking about developing and testing databases for my client and ... To my XP, I can add SQL Developer 2008 to develop (I guess I should say, ... So I can use SQL Developer 2008 to create a database in standard 2005, ... installed on Client OSs such as Windows Vista. ...
    (microsoft.public.sqlserver.setup)
  • Re: DataSet.GetChanges() in RowChanged(DataRowAction.Add)
    ... have you considered SQL Express and use ... > I realize now that I didn't describe well how the client application is ... > Framework installed on the client machine, but not any SQL Server). ... > 20 tables in different relations with eachother in the database, ...
    (microsoft.public.dotnet.framework.adonet)
  • Re: Oracle 10g2 LIKE operator and case-insensitive issues
    ... SQL> CREATE INDEX IDXTESTCASE ON AUTENTI; ... Predicate Information: ... 338 bytes received via SQL*Net from client ... sorts (memory) ...
    (comp.databases.oracle.server)