I have created a web application. I am using SQL 2012 express as a database. Its working fine when I am running on debug mode. When I deployed that application on local IIS it's throwing an error
Cannot open database "databaseName" requested by the login. The login failed.
Login failed for user 'IIS APPPOOL\MyApplicationName'.
My connection string is <add name="DefaultConnection" connectionString="Data Source=HAPPY\SQLEXPRESS;uid=sa;password=123;Initial Catalog=dwm;integrated security=sspi;" providerName="System.Data.SqlClient" />
I am able to login with this login detail on my SQL 2012 express. I am attaching a screenshot .
You are using SSPI Integrated Security, thus it is trying to use Windows authentication. Try setting to False:
connectionString="Data Source=HAPPY\SQLEXPRESS;uid=sa;password=123;Initial Catalog=dwm;integrated security=False;" providerName="System.Data.SqlClient"
Since your web application uses a SSPI Integrated Security.
You have those options :
Either add the IIS APPPOOL\MyApplicationName as a login and give the required rights to the database dwm.
But since this login is probably not known from the SQL Server you might have to change the Login used by your WebAppPool with a service account from the AD that is shared with your SQL Server.
Or change the connection string with a SQL Login (which has the required rights) - it is not recommended to use the sa login also. Also using this method reduces the security.
connectionString="Data Source=HAPPY\SQLEXPRESS;uid=mySqlLoginForMyApplicatioNName;password=itsPassword;Initial Catalog=dwm;integrated security=False;" providerName="System.Data.SqlClient"
For me EF was not creating the database and navigating to the application gave me the following -
"Cannot open database “MyDatabaseName” requested by the login. The
login failed. Login failed for user 'IIS APPPOOL\MyAppName"
Restarting the website within IIS solved my issue.
Related
I have created a database in Azure SQL. I have updated firewall so that my local machine and dev server can hit the database. I have tested on both machines using the credentials using SQL Server Enterprise Manager all connects fine.
When I use the same server details and credentials in my web.config, it cannot connect - I get this error:
A connection string is configured but Umbraco cannot connect to the database
The website is an umbraco cms website.
I have tried recreating the database, and also deleting reading the login and user still no joy.
<add name="umbracoDbDSN" providerName="System.Data.SqlClient" connectionString="data source={dbServer};initial catalog={databaseName};persist security info=True;user id={userID};password={userPassword};MultipleActiveResultSets=True;" />
please try this just change {} to your configuration
I had a small database app that direct connected to its database via this conn string -
connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\CalendarPhotos.mdf;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient" />
This all worked fine until today I attached that database to SQL Server Management Studio so that I could quickly and easily edit some data. Up till then this database had never been attached.
Having done the edits and detached teh database, I now find that I get teh following error when browsing localhost
Cannot open user default database. Login failed.
Login failed for user 'IIS APPPOOL\Calendar Comp'.
The IIS app pool setting is currently ApplicationPoolIdentity. I do not know if it was set to that prior to the attach.
Can anyone advise how to get this thing running again please?
I am trying to connect my website to my sql server 2008 r2 on windows server 2003 with .net framework 4
This is the connection string:
<add name="TestDbConnectionString"
connectionString="Data Source=(local);Initial Catalog=RESv5;integrated security=SSPI;"
providerName="System.Data.SqlClient" />
I got an exception, which is:
Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
I saw this question Login failed for user 'NT AUTHORITY\NETWORK SERVICE' and I tried to make a user named as NT AUTHORITY\NETWORK SERVICE but I still have the problem,
edit1
I have already tried to use a username and password. this is the connection string
<add name="TestDbConnectionString"
connectionString="Data Source=(local);Initial Catalog=RESv5;integrated security=SSPI;User Id=sa;Password=myPassword;"
providerName="System.Data.SqlClient" />
but still have the problem
You're using Windows authentication to enter the server, so it uses the Windows account access from the client to validate access/permissions. When in development, the "client" is really the VS development server, but when you deploy to a real web server, the "client" runs as another account, the one that is used to start the its service, NOT yours.
Often SQL Servers are configured at installation to allow yourself sysadmin access, but barely anything else to other users, that's why you get an access denied.
One option would be to use SQL authentication with user/password. Security-wise, this would be the best option if the same web server runs many websites (as they may be isolated from each other data's).
If you absolutely want to use Windows authentication, the real solution would be to give permissions to the built-in account NT AUTHORITY\NETWORK SERVICE at SSMS:
CREATE LOGIN [NT AUTHORITY\NETWORK SERVICE] FROM WINDOWS WITH DEFAULT_DATABASE=[RESv5]
GO
USE [RESv5]
GO
CREATE USER [NT AUTHORITY\NETWORK SERVICE] FOR LOGIN [NT AUTHORITY\NETWORK SERVICE]
GO
ALTER ROLE [db_owner] ADD MEMBER [NT AUTHORITY\NETWORK SERVICE]
GO
Try removing the integrated security=SSPI from the connection string, or set it to false. See below my successful login with sa user:
EDIT: Here is a detailed explanation, maybe it help you to find where you're wrong:
http://msdn.microsoft.com/en-us/library/ff648340.aspx
Your website is running under service account NETWORK_SERVICE in IIS, this is a computer user and can't access your SQL. To fix this you should set your website to use "identity impersonate=true" in your web.config. However if you are running this on the server you might lose the authenticated user in what's called a 'double-hop' where your IIS server cannot relay your authenticated user to the SQL server in another step (PC (1)-> IIS (2)-> SQL).
Milica Medic is correct in her answer but in your reply you specified a user "william" is this a SQL user or a windows user? If Windows user then this won't work, to relay windows users to SQL you need to do it in web.config (see 1. above). The sql connection assumes the user is a SQL user not windows user.
your attempt with username/password is close but you are still specifing Integrated Security=SSPI which tries to force windows user authentication to the SQL.
Try and make a connection string like this:
connectionString="Data Source=SQLSERVERINSTANCE;Initial Catalog=myDB;Persist Security Info=True;User ID=sa;Password=myPassword"
I have created a website using ASP.net with simple data connection which is working fine in localhost. when I want to publish the same, I am getting this error. "Cannot open database "Abcdb" requested by the login. The login failed. Login failed for user 'XYZ-Domain\XYZ-SVR-01$'.
I don't have the user 'XYZ-Domain\XYZ-SVR-01$' in my SQL Server (SQL Express 2012).
I have my server in a virtual machine .
my connection string is "Data Source=XYZ-05-VM1\SQLEXPRESS;Integrated Security=True;Initial Catalog=Abcdb".
do I have to create a user in my database as shown above or else can I use existing database user. I am very new to this technology. Kindly help me.
Try it
<connectionStrings>
<add connectionString="Data Source=.\SQLEXPRESS;Initial Catalog=Abcdb;Integrated Security = SSPI" providerName="System.Data.SqlClient" />
</connectionStrings>
The error means that the server could be reached and the database name is correct. The problem is that the login is invalid.
From the login name I suppose that you have set Integrated Security=SSPI in your connection string and therefore try to authenticate with the account that your application is running under at the SQL Server. On your development machine, this is your user account that on a typical developer machine will be granted high access rights to the local SQL Server.
After you have deployed your application to IIS, it will run in an AppPool that is basically a process under a specific user account (the AppPool account). You need to grant this user account access to the database. In your case, this account is the Network Service account of the server you have your application deployed to. So you need to either grant the Network Service account access to the database or follow this - cleaner - approach:
Create a new Service account in your domain that is dedicated to your application.
Configure your AppPool to run under this account. Assert that the account has the minimum amount of access rights on the server that is possible.
Grant this account access to your database.
If you want to check the database connection settings, have a look at the connectionStrings section in your web.config. This link shows the available settings for SQL Server.
Here is my Error:
ERROR [28000] [Microsoft][ODBC SQL
Server Driver][SQL Server]Login failed
for user 'NT AUTHORITY\ANONYMOUS
LOGON'. ERROR [28000] [Microsoft][ODBC
SQL Server Driver][SQL Server]Login
failed for user 'NT
AUTHORITY\ANONYMOUS LOGON'.
Here is my connection string at application start up:
MyConnection = New Odbc.OdbcConnection("DRIVER={SQL Server};SERVER=MySqlServer;Trusted_Connection=True;DATABASE=MyDatabase")
Here is part of Web.Config:
<authentication mode="Windows"/>
<identity impersonate="false"/>
Here is my IIS(7) settings:
Authentication
Anonymous Authentication: Disabled
ASP.NET Impersonation: Disabled
Basic Authentaction: Enabled
Digest Authentication: Disabled
Forms Authentication: Disabled
Windows Authentication: Enabled
Connection Strings
MyDatabaseConnection: Data Source=MySqlServer;Initial Catalog=MyDatabase;Integrated Security=True
LocalSqlServer: data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true
I believe you may have to use ASP.Net Impersonation in this case.
http://weblogs.asp.net/achang/archive/2004/04/15/113866.aspx
As Zach says, you need to change the credentials of the user accessing the database.
So you either need to turn on impersonation as recommended or you should change the user id and password used by the application pool that is used to run your web site. This MSDN article, while a bit old, still applies and should help you do that.
What user account should be used to connect to the database? Your user account, an account on the SQL server, the IIS app pool account?
By default, if you don't give the connection string a username and password, .NET will use the AppPool's credentials, which as Simen says doesn't have sufficient privileges to the SQL server.
If you want to use the credentials of the user accessing the website (probably a bad idea), you need to use impersonation as Thyamine says, but if you want to use a SQL account that is set up for the database, then you need to put the username and password of that user into the connection string. (http://www.sqlstrings.com/SQL-Server-connection-strings.htm)
if your web application is running without Integrated Security. remove the "Allow Anonymous connections" security option. When authenticated by the web server as ANONYMOUS the request will be executed using an identity does not have sufficient privileges to your SQL Server DB.
Edit: If you are running the web server on a separate machine than the client machine you might want to investigate whether the server actually recognizes the account used on the client machine. If the machines are not part of the same security domain, you might even have to go through the questionable procedure of modifying the server's
Local Policies --> Security Options --> Network access: Sharing and security model for local accounts to the setting : Classic - local users authenticate as themselves and creating a user account with the same name and password on the server.
You might also want to investigate http logs on the server