Windows Authentication Fails If IIS And SQL Server Are On Different Servers
May 9, 2007
Hi
I am using SQLXML 3 on a Windows 2003 server Running IIS 6.0. I used SQLXML configure IIS Support to create a virtual directry on this server to connect to MS SQL Server 2000 instance running on another windows 2003 server.
Configurations for the virtual directory are
1. Used Windows integrated authentication.
2. Created template for executing the stored procedure.
When i try to access the DB Server through a browser i am prompted to provide for Windows authentication. Even if i provide the domain user that has administrtive rights on both the server i am getting a response.
ERROR: 400.100 Bad Request
HResult: 0x80046000
Source: Microsoft SQL isapi extension
Description: Invalid connection settings: access denied
If from MMC i change the properties of the virtual directry to enable anonymous acess using the cridentials that i mentioned earlier, everything is working fine. I have been searching the net for 2 days and tried everything that i could find but still i keep getting the same error.
Any help will be highly appretiated.
View 3 Replies
ADVERTISEMENT
Jan 23, 2006
I have seen similar questions, but none of the answers have solved my problem.
I have several SQL2000 servers running under Win2003. In the past, we have been using SQL logins, but I have been trying to transition to using Windows Authentication. It has been working great except that sometimes queries using linked servers fail.
The linked servers are set up for the connection to use the login's current security context.
For testing this problem, I have limited myself to two servers to do this between. My Windows account is defined with sa rights on both servers. I have tried explicitly to impersonate my account, I have told it to explicitly use the same account and password on the other server. I have tried not listing my account and letting it default my original setting of using current security context. (if I tell it to use the sa account remotely, that does work)
Both SQL Servers run under the same domain account. That account had delegation rights. My account is not marked as sensitive. The computer account has delegation rights. There is a Service Principle Name defined for both servers.
I have tried everything I can find to try, yet I still get the following message (or something similar, depending on which settings I have changed around).
Msg 18452, Level 14, State 1, Line 1
Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.
What am I missing?
View 41 Replies
View Related
Nov 16, 2006
Greetings,
One of my users gets the following error when he tries to connect to my SQL Server 2000 database using windows authentication via Query Analyzer:
[Micorsoft][ODBC SQL Server Driver][SQL Server] Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.
Me and the server are located in Colorado and are on the NADomain. User is in London on the EURDomain. The EURDomain has a one way trust to the NADomain to use NADomain resources. I have granted access to the database to the user via Enterpise Manager as EURDomainuserid. All the literature I've read says this should be sufficient to connect but isn't. User can connect with SQL Server authentication. Users on the NADomain in Toronto can connect just fine with Windows Authentication. EURDomain user can access other file server resources in the same building as the SQL Server in Colorado.
SQL Server version is:
Microsoft SQL Server 2000 - 8.00.818 (Intel X86) Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4)
EURDomain Client ODBC version is 2000.85.1022.00 and MDAC is 2.8.
Any help is greatly appreciated.
View 5 Replies
View Related
Jun 10, 2007
Using Bulk Insert Task extensively in our solution. Everything was working great till we deployed it in stage columns. The database server is different from application servers. We have ASP.NET web services driving SSIS packages on application server. After struggling thru several security issues to get this working (ended up creating an application pool with a domain account) we are now stuck with this problem. On a different note still don't understand what specific security permission is available to domain account that makes it work.
Read in some blog that SQL Server 2005 SP2 Beta had this (Bulk Insert) fixed but not in final production version. Is there a specific reason why this is so?
SSIS and the API is quite easy to work with but associated security and deployment issues are not always clear. A lot of answers seem to be coming from end users - thanks a lot to all for sharing your experiences - sadly not presented clearly in SSIS documentation.
View 2 Replies
View Related
Mar 26, 2008
Hallo there,
I just upgraded from Windows XP Pro to Windows Vista Bussiness and tried to reinstall SQL Server 2005 Developers Edition. After the installation i downloaded (using microsoft windows update) and installed all the service packs for sql and vista available.
My problem is when i open sql server management studio and try to connect to my default instance using windows authentication and database engine, an 18456 error occurs.
I enabled all the protocols and all the ports
I disabled windows firewall and antivirus (eset nod32)
I installed all service packs available
I have also installed Visual Studio 2005 without installing sqlexpress
But nothing happens!
Please i am very desperate, any information will be gratefully accepted.
This is my installation Information
Code Snippet
Microsoft SQL Server Management Studio 9.00.3042.00
Microsoft Analysis Services Client Tools 2005.090.3042.00
Microsoft Data Access Components (MDAC) 6.0.6001.18000 (longhorn_rtm.080118-1840)
Microsoft MSXML 3.0 5.0 6.0
Microsoft Internet Explorer 7.0.6001.18000
Microsoft .NET Framework 2.0.50727.1434
Operating System 6.0.6001
Thank you in advance,
Patonios
View 3 Replies
View Related
Oct 16, 2006
Would anyone please help me out here. which of the 2 modes of authentication is better and why??
View 3 Replies
View Related
Mar 12, 2008
For using different services of SQL SERVER 2005 which is better...
Windows Authentication or SQL Server Authentication?
what are the advantages and disadvantages of both?
View 5 Replies
View Related
Feb 1, 2008
Hi.
I wonder if it is possible to set forms authentication for report manager but leave report server "as it is". I need to authenticate users from external LDAP and can't use windows authentication for report manager, but I would also like to leave report server open for anonymous users. In that way authenticated administrators could create reports which anonymous users could read.
I tested the Security Extension Sample and got it working when I rewrote the authentication part with my own LDAP authentication.
If I have understood correctly, the report manager is just application inside report server so is it possible to use forms authentication with one application but still leave the report server with Windows authentication?
View 1 Replies
View Related
May 11, 2007
How to give authentication for Send Mail Task component?
View 4 Replies
View Related
Apr 18, 2007
Hi there,I have installed MS SQL Server 2005 on my machine with windows authentication. But now I want to switch the authentication mode to SQL Authentication. I am unable to switch, I can’t find the proper way to do so here in 2005.Could any one help me in doing this?Thank you,-Ahsan
View 1 Replies
View Related
Oct 21, 2006
I am new to the whole ASP .NET scene, so my knowledge is very limited, and if I’m not clear enough please let me know. I am reading a book published by APress about ASP .NET with C# and I am at the point where I get to begin working with data (fun!!). The problem is that I’m not able to connect to the SQL Server. I have Server 2003 and SQL Server 2005 running on a separate machine than the computer that I use for development – the server is named THESERVER, the SQL server is named THESQLSERVER, and the computer I use for development is my laptop named MYLAPTOP. So here’s my connection string (I put this in my web.config XML file):<add name="Pubs" connectionString="DataSource=THESERVERTHESQLSERVER; Initial Catalog=pubs;Integrated Securit=SSPI"/> Now here’s what my book reads: For Windows authentication to work, the currently logged-on Windows user must have the required authorization to access the SQL database. This is all it says about Windows authentication because the book assumes that I am running MS SQL Express off localhost. Questions: Does the book mean that I will have to add a user to my server for my laptop? If so, how do I log into this user using the connection string?What does it mean by “the current logged-on Windows user”? Is that referring to the user on my laptop, or a user on the server? I’ve been reading around trying to find more information on exactly how Windows authentication works, but I keep coming up dry. I know that much of this is probably trivial to a lot of you, which is why I am asking because it isn’t to me. Well, thanks in advance for any help that you can provide me.
View 5 Replies
View Related
Apr 26, 2005
I have an asp.net page which accesses a sql server database (on another server).
I am trying to use impersonation to impersonate the domain user accessing the page and use the credentials to access the sql server using a windows login. I have windows authentication checked in IIS settings am using the following web.config:<configuration>
<system.web>
<authentication mode="Windows" /> <identity impersonate="true"/>
<authorization> <allow users="*" /> </authorization>
<customErrors mode="Off" />
</system.web>
</configuration>
I can connect fine when i open the page on the IIS server but from other machines, whilst logged in as the same domain user I get the error:
Login error failed for user ''.
Anybody know what the problem might be?
View 1 Replies
View Related
Jul 20, 2004
Hello,
I'm writing some software for clients and the connection is done via de username passwd methode, not windows authentication. One of the salespeople is creating FUD now, talking about a "major security leak" because, if someone has the username / password, he can view the data in the mssql database. ( seems normal to me for a username/password combination - winNT or not - but this news can be shocking to the uninitiated)
Is there any paper on his comprehensionlevel that deals with this issue?
Or you've got an opinion on this?
Thanx for any pointers,
W13
View 2 Replies
View Related
Sep 15, 2005
Hi,
We are changing our web application to use Windows Authentication instead of SQL Server Authentication.
Initially, we added the IUSR_MACHINENAME user to SQL Server. This works ok when SQL Server and IIS are both running on the same server.
However, this won't work if SQL Server and IIS are on different servers on the same domain.
After doing a lot of research on the internet, it seemed that the answer was to create a user on the domain and use that user in IIS as the anonymous user (and give that user the relevant rights on SQL Server).
However, I've seen other comments in articles on the internet saying "Running any web service as a domain user is ill-advised".
We are using ASP rather than ASP.NET. What is the correct (and most secure) way to go about this?
Best
Matt.
View 1 Replies
View Related
Feb 24, 2007
Ours is distributed WinForms application. Application logon is using Windows integrated authentication. As a best practice I would like to use Windows authentication for SQL Server connection. This means that when the user logons on to the workstation, the user will gain access to the application and also to the SQL Server. But there is a requirement that the end user cannot directly login to the database. So if the user tries to access Sql server database through some client tools I shouldn't allow that. How can I achieve this?
Thanks
View 3 Replies
View Related
Jan 3, 2007
Hi,
if I try to install SP 2 using SQL Server authentification (sa) it fails. The following lines appear in the file "Hotfix.log":
01/03/2007 14:08:23.859 Authenticating user using SAPWD
01/03/2007 14:08:23.875 Validating database connections using Windows Authentication
01/03/2007 14:08:24.171 Pre-script database connection failed - continuing to wait for SQL service to become responsive to connection requests
... repeated 60 times ...
01/03/2007 14:13:33.625 The following exception occurred: SQL Server reagiert nicht vor der Skriptausführung Date: 01/03/2007 14:13:33.609 File: depotsqlvaultstablesetupmainl1setupsqlsesqlsedllinstance.cpp Line: 1411
Why does it try to use Windows Authentification although I have told it to use SQL Server Authentification (Windows Authentification has been disabled in this Database Instance)?
View 16 Replies
View Related
Mar 25, 2004
Hello,
(Using win2k, sqlserver2k, framework 1.1)
I have an fairly data-heavy application that uses Windows authentication (Trusted connection/aspnet account) to connect to Sql Server. The site uses IIS basic authentication.
On the dev server everything works fine but when I move to the live server things get strange and it starts to crawl along. (Pages load OK but then it just crawls as it loads the datagrids etc. Sometimes it brings back incomplete/incorrect data )
BUT When I use Sql Authentication to connect to Sql Server and there is no problem at all!
Ok, there is something obviously wrong with the live server (which is identical setup to dev)but I dont know where to start.
Any ideas??
View 2 Replies
View Related
May 15, 2006
Hi all,
I've got two applications which both have a database on my MS SQL 2000 server. The problem is, one application must use Windows Integrated Authentication (which it is currently using and cannot be changed) whilst the other application which I'm trying to configure must use a SQL password.
Since the server has already been configured to use Windows Integrated Authentication for the existing database and application, how do I configure the other database to use the SQL password?
Thanks.
View 1 Replies
View Related
May 12, 2006
Hi all,
My work is using a shared application
which accesses a MSSQL 2000 database. To access the application, the
folder on the Windows 2003 Server is shared and users can access the
folder through a shared drive.
For the application to access the
database, it uses an ODBC connection to the MSSQL server which
originally used the SA password.
We have recently switched to using
Windows Integrated Authentication because we believe it offers a
higher level of security. However the only way in which we have been
able to enable this is to add the windows users to the SQL server.
The problem with this is that the
application sets permissions for individual users on what records
they can see within the database. We have found that by adding the
windows users to the SQL Server, they can bypass the permissions the
set by the application by simply using any application that can use
an ODBC connection, such as Enterprise Manager, and see all the
database.
One way around this would be to set up
domains of users with access privileges to the tables which reflect
the permissions set by the application, and configuring a view of the
data so they may only see the records that they have permissions to.
However to do this would require a high administrative cost to ensure
that changes made in the application are reflected in the privileges
of the SQL server.
Instead, is there a way the SQL server
can authenticate that the ODBC connection is coming from the correct
application using Windows Integrated Authentication?
This would allow the applcation to
determine security, and stop users from connecting to the SQL server
using other applications.
Alternatively, can the SQL server,
using Windows Integrated Authentication, also ask the application to
supply a username and password?
Any help with this matter would be
greatly appreciated.
Thanks!
View 4 Replies
View Related
Feb 13, 2008
When I use Windows authentication on My SQL Server Database, I can use Windows accounts to define access to read/write/modify databases, right ?
But, when someone access a ASP.NET Web Site that access this Database wich user is that going to be ?
The IIS users ? IWAN_SRV and IUSR_SRV ?
Thanks
View 1 Replies
View Related
Sep 30, 2005
hello ,I have a problem with connecting to SQL Server by Windows Authentication.It's the error:"Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection. "and this is a source code :"SqlConnection cn = new SqlConnection ("Data Source=PLGRZFLS0001;Initial Catalog=Magazyn;Integrated Security=SSPI;Trusted_Connection=Yes");cn.Open();SqlCommand cmd = new SqlCommand("exec proc_permission",cn); SqlDataReader dr= cmd.ExecuteReader() ;dr.Read(); "in my web.config :<authentication mode="Windows" /> <identity impersonate="true"/>i have no idea what is wrong :(:( bye,sorry for my english
View 2 Replies
View Related
Apr 9, 2015
I'm almost sure that it's not possible, but I wanted to ask in case that I'm missing something.Is it possible to get the Windows user when someone logins using SQL Server Authentication? I know how to get the hostname, but I can't find how to make the next step.By the way, do sleeping connections affect performance? Would they consume resources such as RAM or network?
View 1 Replies
View Related
May 27, 2015
customer.internal (forest level 2012 R2)service.internal (forest level 2012 R2)Now I have a SQL Server 2012 Standard in the service.internal domain and I need to authenticate to this server from the domain customer.internal.Can I use ADFS for this?
View 8 Replies
View Related
Oct 8, 2007
Brief Description: I would like to use C# to write a program to access a SQL Server instance which is at another PC and using Windows Authentication. (I know how to use SQL Server Authentication, but I need to use Windows Authentication only.)
Detailed Description:
1. I have two PCs, and I would like to write a C# program in PC1. to access SQL Server at PC2 with Windows Authentication only.
2. I installed Microsoft Dynamics POS system. I install the POS Database with Windows Authentication only at PC2, but then I can install POS at my PC1, and when I set up the connection to the SQL Server, POS will pop up a dialog to ask me the username and password. I can just use the PC2's windows user account to login. Then POS can work fine. I would like to do the same just like what they did.
3. I tried the following code at the PC2 (the same PC as the SQL Server running), and it is running fine. But if I copy the same program and run it at another PC, then it will pop up a "Logon failuer: unknown user name or bad password.".
Microsoft.SqlServer.Management.Common.ServerConnection myServerConn = new Microsoft.SqlServer.Management.Common.ServerConnection();myServerConn.LoginSecure = true;myServerConn.ConnectAsUser = true;myServerConn.ConnectAsUserName = "username";myServerConn.ConnectAsPassword = "myPassword";myServerConn.ServerInstance = "myPCName\mySQLInstance";myServerConn.Connect();
Please help! Thank you!
View 1 Replies
View Related
Mar 20, 2007
Hi,
When trying to connect to a SQL Server 2005 Analysis Services instance through the Excel 2007 Add-In, the ability to choose a user name/password combination rather than Windows Authentication seems to be disabled. Is there a way to do this? Thank you!
Melissa Kenny
Harvard Medical School IT
View 7 Replies
View Related
Nov 5, 2015
How can I disable windows authentication mode in SQL Server using sql query or a windows command.
I know how to do it using management studio. i.e., security --> logins --> Builtin/Administrators --> status --> login --> disabled.
But I need to do this using the command.
View 6 Replies
View Related
May 23, 2008
Does anyone know how windows authentication works in SQL Server 2005 with regard to group membership? If a user is a member of two NT groups that have the same permissions in SQL then which group will be used to authenticate their login? The reason I ask is that logins have default languages associated with them so if a user is a member of NT group A with a default language of British English and is also a member of group B with a default language of US English then which one will be used and will it be the same one every time?
View 4 Replies
View Related
Mar 5, 2004
I have a domain user account through which I can log on a machine. The machine allows me to use this domain user account to create DB in SQL Server using windows authentication. How can I define a connection string to connect SQL Server? My connection string is like:
string str = "server=(local);uid='"+userName+"';password='"+password+"';database='master';connection timeout=15";
This one works on another machine where I use SA account. But this one does not work using windows authentication. I tried to use domainnamemyname as user name, but failed.
Could any one give me some suggestion?
View 2 Replies
View Related
Mar 6, 2007
I am running my laptop separate from a domain with a local user that has the same username as password as my domain account.
Under Windows XP -> User Accounts -> Manage My Network Passwords I could passthrough my domain credentials to allow myself access to the SQL Server using windows authentication. This is confirmed to have worked with both SQL Server 2000 and SQL Server 2005 from Windows XP.
My current laptop is now running Windows Vista and this method seems to work fine for network access, but does not seem to work for SQL Server authentication using Windows authentication and I receive the following error.
Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection. (Microsoft SQL Server, Error: 18452).
Any assistance would be appreciated.
View 7 Replies
View Related
Sep 24, 2015
I have set up two SQL server (e.g. Server1 and Server2) which are set up to use Windows Authentication with my login (e.g. login1).On Server1 I have created a linked server to Server2, I have then selected the Security tab and added my local login and selected impersonate. I have then selected ‘Be Made using the login’s current security context’.I then receive the error message ‘The linked server has been updated but failed a connection test. Do you want to edit the linked server properties?’
View 9 Replies
View Related
Feb 27, 2008
Logins failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.
(microsoft SQL Server, Error: 18452)
Hi Guys.
How are you,
its something very complicated to understand my issue.
i am receiving the above error message when i tried to login with using windows accout to connect to SQL server Instance using client tool.
ok Let me start step by step.
1) Initially we have one box using windows 2000 (OS) and having SQL Server 2000.
2) Here on SQL Server instance i have created windows account login and gave permissions to one of the database on that instance.
3) this windows account is in the right domain and also in the same domain
4) when i right click on Management Studio on the different machine --> Run As--> enter the windows account --> select the above Sql server instance.then connect
5) Here i am not able to connect to the sql server.
the below error generates when i press the connect button
Logins failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.
(microsoft SQL Server, Error: 18452)
if we gave the full permission to connect to box with this windows account then i am able to connect the sql server instance, otherwise its not allowing me to connect to the Sql server instance.
we have another box using windows 2000 (OS) and having SQL Server 2005.
i have followed the same as above with same windows account login.
Here i am able to connect to the SQL Server Instance and also this windows account donot have permission to connet the box.
Anybody have idea about this issue???
if the SQL server 2000 doesnot have the option to connect remotely. unless that windows account have the full permissions to box.
if you have any white paper please let know.
i really appreciate for your effort, if you dont understand please let me know.
thanks so much.
Raghu
View 1 Replies
View Related
Sep 11, 2006
Can someone point me at an article that tells how to allow the
ASP.net worker process to connect, via windows authentication, to a
remote sql server instance ?
View 2 Replies
View Related
Jul 20, 2005
I have an asp drive web page that writes a row to a table on sqlserver 2000. The web site is set to use windows authenication and thesql server is set to use windows authentication.This process works fine on windows xp sp 1 machines but on win2k sp4machines logged in as the same user i get the errorAn error occurred making the change -2147217843 Error connection toSQL Server: [Microsoft][ODBC SQL Server Driver][SQL Server]Loginfailed for user '(null)'. Reason: Not associated with a trusted SQLServer connection.can anyone explain why win2k client would have this issue and notwinxp clients?Glenn
View 1 Replies
View Related