Using Integrated Security From .Net Web To Access SQL Server 2005
Oct 19, 2007
If I am posting to the wrong forum, please point me in the right direction.
We have upgraded to SQL Server 2005 and Window 2003 from SQL Server 2000 and Windows 2000, and have been having all kinds of problems with security of our web applications. We have been forced to put the system account of the web server as a user in the database in order for the web applications to work. We have lost the ability to control security at the user/role level. Is this the way security is going to work in Windows 2003/SQL Server 2005? How do I use integrated security so that I can secure web pages and database objects?
Thanks
Hello, I'm new to ASP, but developping in Sql for years. What we would like to have is that the user is accessing the database over it's own Windows Logon. Our triggers log quite some changes and are using UserName() for this. I've treid to force the IIS to accept Windows Integration only, the SqlDataSource users a connection that has Integrated Security = True. But when connection to the site i'm gatting error that there is no trusted connection for the user . (dot) ... I suppose i'm missing something but could you give me a hint where to start looking..... THX
We have built a .NET on SQL Server application with extensive business functionality and security. It uses SQL integrated security to control logon and access to the database objects. There is business logic built into the .NET code, so I don€™t want any chance that users access the tables directly through a tool such as Management Studio - many users need update, delete, insert on tables in order to use the applications functions. With integrated security they can logon through SQL Management Studio and change data in the tables directly.
How are people who are using integrated security for their business applications preventing logons through unauthorized tools or applications?
I know from searching this forum that there have been many variations of the issue I'm currently suffering, but I haven't found anything quite like mine or a solution to solve it. The issue I'm running into is that I am unable to log on to Reporting Services using Management Studio or the web interface when Windows Integrated Security is enabled. I have full functionality using basic security, but the risks involved make it impossible to deploy basic authentication out into production. The error I'm receiving in Management Studio is The request failed with HTTP status 401: Unauthorized. (Microsoft.SqlServer.Management.UI.RSClient). I recieve the same error when I try the web interface.
I've looked the most recent logfile in WindowsSystem32LogFilesW3SVC1 and these entries match up to the time I attempted my authentication.
Code Snippet 2008-05-12 20:30:42 <Edited: Server IP> GET /reports - 80 - <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254 2008-05-12 20:30:42 <Edited: Server IP> GET /reports - 80 DomainUserName <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 301 0 0 2008-05-12 20:30:42 <Edited: Server IP> GET /reports/ - 80 - <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254 2008-05-12 20:30:46 <Edited: Server IP> GET /reports/home.aspx - 80 DomainUserName <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 302 0 0 2008-05-12 20:30:46 <Edited: Server IP> GET /reports/Pages/Folder.aspx - 80 - <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254 2008-05-12 20:30:47 127.0.0.1 POST /ReportServer/ReportService2005.asmx - 80 - 127.0.0.1 - 401 2 2148074254 2008-05-12 20:30:47 127.0.0.1 POST /ReportServer/ReportService2005.asmx - 80 - 127.0.0.1 - 401 1 0 2008-05-12 20:30:47 127.0.0.1 POST /ReportServer/ReportService2005.asmx - 80 - 127.0.0.1 - 401 1 2148074248 2008-05-12 20:30:49 127.0.0.1 POST /ReportServer/ReportService2005.asmx - 80 - 127.0.0.1 - 401 2 2148074254 2008-05-12 20:30:49 127.0.0.1 POST /ReportServer/ReportService2005.asmx - 80 - 127.0.0.1 - 401 1 0 2008-05-12 20:30:49 127.0.0.1 POST /ReportServer/ReportService2005.asmx - 80 - 127.0.0.1 - 401 1 2148074248 2008-05-12 20:30:50 <Edited: Server IP> GET /reports/Pages/Folder.aspx - 80 DomainUserName <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 500 0 0 2008-05-12 20:30:50 <Edited: Server IP> GET /Reports/js/ReportingServices.js - 80 - <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254 2008-05-12 20:30:50 <Edited: Server IP> GET /Reports/js/ReportingServices.js - 80 DomainUserName <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0 2008-05-12 20:30:54 <Edited: Server IP> GET /Reports/styles/ReportingServices.css - 80 - <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254 2008-05-12 20:30:54 <Edited: Server IP> GET /Reports/images/blank.gif - 80 - <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254 2008-05-12 20:30:54 <Edited: Server IP> GET /Reports/images/blank.gif - 80 DomainUserName <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0 2008-05-12 20:30:54 <Edited: Server IP> GET /Reports/images/48error.jpg - 80 - <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254 2008-05-12 20:30:54 <Edited: Server IP> GET /Reports/styles/ReportingServices.css - 80 DomainUserName <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0 2008-05-12 20:30:54 <Edited: Server IP> GET /Reports/images/48error.jpg - 80 DomainUserName <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0 2008-05-12 20:31:07 127.0.0.1 GET /reports/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254 2008-05-12 20:31:07 127.0.0.1 GET /reports/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 1 0 2008-05-12 20:31:13 127.0.0.1 GET /reports/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254 2008-05-12 20:31:13 127.0.0.1 GET /reports/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 1 0
I tried to highlight one of each of the HTTP errors I am getting. 401.2 and 401.1 are the ones I kind of expected, but have no idea why I'm getting them. The 500 0 error is a bit troubling, because unless I'm mistaken thats a server side error.
Here's my current setup. As far as I can tell, I've done everything to set up correctly for Windows Integerated security.
My Specs The server machine running all SQL 2005 services. It resides in a domain. All Clients are in the same domain.
Intel Dual Processor 3.20 gig Xenon
Windows Server 2003 w/ SP2
Microsoft Sql Server 2005 w/ SP2 Reporting Services Setup The virtual directories Reports and ReportServer are set to Windows Integrated Security with Anonymous Access disabled. All other checkboxes in Directory Security are unchecked. For permissions in Reports, I have:
Administrators (servernameAdministrators) - Full Control
ASP.NET Machine Account - Modify, Read & Execute, List Folder Contents, Read, Write
Domain Users - Read & Execute, List Folder Contents, Read
SQLServer2005ReportingServices]WebServiceUsers$... - Read & Execute, List Folder Contents, Read
SQLServer2005ReportServerUsers$... - Read & Execute, List Folder Contents, Read
SYSTEM - Full Control
Users (CompNameUsers) - Read & Execute, List Folder Contents, Read In ReportServer I have the same permissions except Authenticated Users is absent.
At one point, I even added the account Everybody and gave it full control, and I still recieved a HTTP 401 error. Any help at what I might be missing would be a godsend.
I have been struggling with this problem for a while with SQL 2005. I have never had such login problem with SQL 2000. Here is the scenario:
I have installed SQL2005 standard version on a XP Pro box and I am trying to access it from another XP Pro machine. I can access it using a SQL user name and password that I set up on the server, but I have not had luck with using Windows NT Integrated security. When I try to connect to it (e.g. by a UDL file), I get an error saying Login failed for user €˜HP-AMD64Guest€™ where €˜HP-AMD64€™ is the name of the PC running the SQL 2005. I can access the files on the machine without any problem. I do not understand why it uses €˜Guest€™ that is not what I use to log on my machine. Does anyone have any clue to offer me?
In my architecture I have a Domain Controller with Active Directory (DOMAIN_A), IIS 6.0 (WEBSERVER) and SqlServer 2000 (SQLDBSERVER).
The WEBSERVER has a .NET application with windows authentication. The .NET application interacts with the database server. I want to use Integrated Security to pass in the users login credentials to the database to run any database calls so that I can audit who is making what calls on the database.
The connection string I am using for this is as follows:
The problem arises after I login to the web application (I use the user DOMAIN_ASomeUser where SomeUser is a user who has permissions set up to make all of the database calls). After logging in however, when I go to a page that makes a database call I get the following error:
System.Data.SqlClient.SqlException: Login failed for user 'DOMAIN_AWEBSERVER$'. It seems that for some reason, .NET is not passing the login name SomeUser, but instead is passing SERVERNAME$. Would anyone pls have any ideas how I can implement this. Any guide or references would be much appreciated.
We are using a VB application with a "dsnless" connection. It is not able to connect to the SQL box using integrated WinNT authentication. Receive the below error message:
We can connect to our test SQL box with using the same application with no problem. The only difference we can see is the clustering on the "real" box.
We are using the following program string to connect to both boxes with the exception of the server we connect to:
Hi all,I use the following connectionstring connect to sqlservserver=(local); database=mydata;Integrated Security=trueIf I tried browse the website in VS Web Developer 2005 environment, it's ok. After I compiled the site and access through IIS server, can not connect to sqlserver , I need to use login and password to connect. How can I connect wihtout using LogID and password.Thanks
We have a SQL Server Reporting Services instance running SP2. I have attempted to add a domain group in a trusted domain to the server to enable regular users to access reports. I have added this group to the instance folder as a SYSTEM USER and home as BROWSER. I am allowing those settings to be inherited down through the folders (reports and data sources) to the reports. My test user in this report receives:
The permissions granted to user 'DOMAINuser' are insufficient for performing this operation. (log shows HTTP 500)
when the user attempts to use the URL to go directly to the report. If we try to navigate from HOME and walk the folders the user sees a blank HOME page.
I have used other groups with no problem.
Is there something I am missing in setting up the security environment? Any help would be greatly appreciated.
Users having a difficulty of accessing (Access denied) SQL-2005 integrated services after installing SQL-SP2. This was working fine prior to SP2 installation.
I found out that when I give administrator access (to the SQL box) for those users it works fine but it is not a good way to go.
I have already updated client tools to SP2 in both the server & client PCs.
Anyone have come across this situation? I really appreciate a helping hand.
We are having some commercial applications that are running on sql servers at different sites, all with sql security. The software vendor wants to copy data into staging tables on our BI server. But our BI server only support Integrated security.
But how can i say, in the definition of a linked server (at the remote machines) to swicth security system ?
If it is possible i could enter a fixed domain-account in that users fields, but i suppose that this field was intended for SqlServer security.
Ok, I need to test my webservice with the 'use custom server' option on so that I can specify a base URL that I can reference from apps on a remote machine. I have a connection string I am using to access a sql server db that has Integrated Security=true and windows login has a login for it created in the db.
However, whenever I try to call a webmethod I get this error: System.Data.SqlClient.SqlException: Login failed for user ''. The user is not associated with a trusted SQL Server connection.
But when I call the same webmethod specifiying a sql login / pw, and not integrated security, my webmethod works.
I want to use integrated security though, please help!
I have a piece of Java code that needs to connect to SQL 2000 (SP4) using Windows Authentication. It's running on Windows Server 2003 SP1.
I tried JDBC v1.1 and followed the code from the following blog:
http://blogs.msdn.com/angelsb/default.aspx?p=1
But still get this error as shown below. Any help appreciated.
I am using JDK1.4.2, "sqljdbc_auth.dll" is located under "E:SQL2005JDBCDrvsqljdbc_1.1enuauthx86", also made a copy under "E:JavaTest" and "C:WindowsSystem32" but still won't work.
E:JavaTest>java -classpath ".;E:JavaTestsqljdbc.jar" -Djava.library.path=E:S QL2005JDBCDrvsqljdbc_1.1enuauthx86 TestW2 com.microsoft.sqlserver.jdbc.SQLServerException: Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection. at com.microsoft.sqlserver.jdbc.SQLServerException.makeFromDatabaseError (Unknown Source) at com.microsoft.sqlserver.jdbc.IOBuffer.processPackets(Unknown Source) at com.microsoft.sqlserver.jdbc.SQLServerConnection.processLogon(Unknown Source) at com.microsoft.sqlserver.jdbc.SQLServerConnection.logon(Unknown Source ) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(Unknow n Source) at com.microsoft.sqlserver.jdbc.SQLServerConnection.loginWithoutFailover (Unknown Source) at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(Unknown Sour ce) at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(Unknown Source) at java.sql.DriverManager.getConnection(Unknown Source) at java.sql.DriverManager.getConnection(Unknown Source) at TestW2.main(TestW2.java:7) ===========================================================
The code is simple (TestW2.java):
import java.sql.*;
public class TestW2 { public static void main(String[] args) { try { java.lang.Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver"); Connection conn = java.sql.DriverManager.getConnection("jdbc:sqlserver://VMW2k3ENT003.TESTCBFPOC.COM.AU;integratedSecurity=true"); System.out.println("Connected!"); conn.close();
I have Sql Server Express installed on Vista (service pack 2)
I have Visual Studio 2005 with an application that I'm trying to access it with within a WCF service.
The login ID of the service is added to the database.
The database has remote access turned on.
The ID is granted access to all databases within the server.
The thread is being set with WindowsProvider and the services set their thread to WindowsProvider.
The dataserver is set with using Windows Authentication for security.
When I open my connection to the database, though, it reports the typically useless message that the connection is not allowed and that the server may not allow remote connections.
How to I get past this? I've done everything right.
Here is my situation: I am creating a database driven ASP.Net web application that will be used over the internet. My ASP.Net application connects to my SQL server 2005 database/server by using a SQL server login. I am using the DPAPI API to encrypt my connection stings with a hidden entropy value for extra security. I am using the SQL login for obvious reasons, as my users will not have a windows login.
What I am trying to do: I want to limit this SQL login account to be able to just run/execute stored procedures and NOT access the tables or views directly. In my ASP.Net application I am using the MS applications data block, and I am using stored procedures for every single database access action. There is no inline SQL being executed from my web application.
What I have tried so far:
I created a new schema and made the above SQL login account owner of this schema. I then granted "Execute" permissions to the SQL login and DENY permissions to all other permissions.
I created an database role with "Execute" only permissions and DENY permissions to all other permissions.
What Happened: In BOTH of the above scenarios I tested a direct SQL statement against one of my tables, from my ASP.Net application and I was able retrieve data back, NOT GOOD, exactly what I am trying to STOP.
If someone could give me (Step-by-Step) guide on how to setup the situation I am looking for, I would be very grateful!
if one connects to SQL server (2005) with integrated security, does sql server connect to ADS in order to verify the credentials or does windows handle the authentification mechanism ?
Does anyone know how to impersonate a user and then use integrated security with SQL server? Every place I've looked so far only shows how to use integrated security through IIS. For some reason, everytime I impersonate a user account, SQL server identifies me as "NT AUTHORITYANONYMOUS LOGON" Is this by design? or am I doing something wrong?
If one connects to sql server (2005) with integrated security, does sql server connects to ADS in order to verify credentials or does windows handle the authentification mechanism ?
We have a a DTS package set up to run against another SQL Server. Using an integrated login is there a way to map an NT Authenticated users is the sql server login id mapping to this attached server. The DB we are going against only uses NT authentication to attach to.
Can we implement a table level (object) security on the groups of the windows NT domain using the integrated windows NT security so that one group has the permission over one table to update ,select ,delete the information and other group has permission has for some other table.
We've encountered a problem on one of our SQL servers running integrated security where MS Security Manager errors out with "An error occured executing sp_addlogin using Domain_nameusername - " is not a valid name since itbegins with an invalid character." We think it is because the domain has the underscore character in it name. Can anyone confirm or point to other possible configuration issues?
Ideally, I'd like to move away from using SQL-based logins for our internal applications and take advantage of integrated security instead.
Defining AD groups and their permissions in SQL is simple and getting the application to work with that is not an issue.
Where I'm having difficulty, though, is in isolating the accessibility in integrated security. Because the SQL-based login was isolated from the windows user, they could only get access to the sql server via our app -- their normal windows accounts had no access.
If we switch to use only windows authentication, the user would be able connect fine from our application and have rights to various tables. The issue is that they could also connect via Enterprise Manager, Excel, or any other tool. Is there any way to limit the exposure so that we can take use of AD for our access but further limit to allow connections based upon the application? I realize that this could be impersonated, but it's still better than nothing...
We're having a bit of a problem getting Integrated Security to work with a .Net 2.0 application and SQL 2005. While we're tweaking permissions on the SQL-side, we came across an account "Application Login" and wondered what its role is. First, our problem:
Currently, the users in the AD group get a connection error. This group is defined as follows at the instance level:
role: public user mapping: to the database without any default schema securables: none status: grant and enabled
At the database security level:
general: none securables: execute on all (100+) stored procedures
And we gave them "Execute" on the database itself.
A little background: we had detached and copied this database from one server to another. So we suspect that the Application Login may have been modified/corrupted, even though it appears to be identical between the original and the copied databases. So we redefined it on the copied DB to match the original. Another group, which is defined as dbo on the database, has no problem at all connecting and running the application.
The Application Login has Execute permissions on all stored procedures and Delete, Insert, Select, Update, and View Definition on the ChangeLog table. It also has db_DataReader, db_DataWriter, and db_ddlAdmin roles associated with it.
Is there another SQL login required for initial connection to the database even though Integrated Security=SSPI is used in the connection string?
Does anyone see where we may be missing a security setting for the non-dbo user group to connect to the database?
Thanks very much for any suggestions, ideas .... Cheers, Tess
I am having a problem in applying subscription to a report.
Here is my case:
I have a datasource with 'Windows integrated security ' authentication, yes....I am using windows domain authentication, so login info is not stored in DB but its authenticated from domain. Now the report I want to use subscription on is using this DS. I read it somwehere that I can use rsconfig -e -u -p option to assign user to unattended reports.
I think, this is the unattended report. I tried with rsconfig and then clicked on 'new subscription option'...and i got error (again) saying 'Subscription can not be created because the credentials used to run the report are not stored...or if linked report.....blah blah...'
I want to use subscription to this report but with 'Windows integrated security', is there any way I can do it ?? How can I assign some user to this report without changing authentiation method and use subscription ?
Help me ...I am stuck, this is the last milestone in my project !!!
I have a set of reports that read from an Analysis Services cube. Permissions are managed at the cube level since different users should look at the same report but different data. This is why for those reports, the data source has Windows Integrated Security set.
Those same users should be able to subscribe to those reports, the problem is that for subscriptions to work, the data sources must store the credentials. This means the filtered reports are lost since the stored account will show all the reports for all users.
Is there any way of generating "filtered subscriptions"?
I'm looking for a best practices document or microsoft book that explains proper database security design for applications accessing sql using integrated security.
I am an application developer at a shop that has been using sql authentication to connect to sql servers. We have an sql login and user setup for each application. This sql user has read/write access to that applications database. The (human) users have no idea what the login is, we have a special generic dll that feeds the sql logins and passwords to our applications at run time for each app. Operations is pushing to move out of mixed mode and into full integraded security mode. Microsoft best practices push integrated security so I understand the move. What I'm trying to locate is some microsoft documentation on security design.
This is what I have pieced together so far regarding the windows authenciated approach to applications accessing databases. With windows security, users will be able to bypass our applications all together and use tools like access and excel to hit the databases even if we don't want them going in there. Their windows security will allow them to do this with integrated security. This is assuming we don't have the app "run as windows user x" and that we grant the user groups permissions on the database objects. This means instead of granting user groups generic read/write on the entire database like we could with sql security we need to consider what groups use the application and consider what permissions need to exist on each database object for that group. In addition we will need to almost exclusively use views and stored procedures to get data as these will act as filters to only allow users to touch what they should be allowed to touch. Having select and update statements within apps would require users have table rights, which is basically the same as allowing them to do anything. Each view and procedure will need to be set up with special consideration so that if a user where to hit them directly we would be ok with it...Basically the application layer which contains a multitude of validation logic on user entry controls can be skipped by a "smart" user who decides to "fool around" in access"
. A solution to fix this would be to have our apps run as a special windows user id but operations has refused to allow this. And honestly this would be nearly identical to just using sql authentication. We are looking at a security redesign of over 60 systems and a multitude of reports. I'm looking for a best practices document or microsoft book that I can use to help demonstrate the amount of redesign work making this move will require and shed more light on how this all works.
I have already looked at the following security documents which do not have what I am looking for, so i figured I better ask.
Hello, I started profiling a website that i'm developing yesterday (asp.net 2.0) and noticed that sqlconnection.open is ridiculously slow (between 3-10 seconds) when using integrated security=true in the connection string. If I use SQL authentication instead and pass the username and password in the connection string, sqlconnection.open is instantaneous. My enviornment is as follows:
I am using windows impersonation in a CLR that is retrieving folder structure. In order to use impersonation I need to pass the windows credential to the SQL server so I am trying to use "integrated security=SSPI" and I also tried "integrated security=true" as well with the same result...I get the error: Login failed for user ''. The user is not associated with a trusted SQL Server connection. The SQL Server and IIS are located in different un-trusted domain. I am however able to connect to the SQL Server using user id and password. In my web.config file: <add name="ConnectionName1" connectionString="Data Source=IpAddress,Port#;Initial Catalog=DatabaseName;Integrated Security=true;persist security info=False; Trusted_Connection=Yes;" providerName="System.Data.SqlClient"/> à Doesn’t work <add name="ConnectionName2" connectionString="Data Source=IpAddress,Port#;Initial Catalog=DatabaseName;uid=user;pwd=password;" providerName="System.Data.SqlClient"/> à WorksBased on the error message it looks like there is no user passed to the SQL server. What am I missing? At this point I am thankful for any input…