I've developed a website which connects to a SQL Server 2012 instance. This works fine in my development environment. However, when trying to deploy to a production environment, the page returns the following error:
Server Error in "/theapp" Application.
Invalid User Account
Description: an unhandled exception occured during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code
Exception Details: System.Data.SqlClient.SqlException: Invalid User Account
screen shot of stack trace
I am struggling to find any documentation regarding this on the Internet; is there anyone who might know where I can start looking for a resolution?
Thanks kindly!
Update (4/7/2016 # 3:18pm): The service account is a domain account which has correct permissions on the database. In addition, the same account is used by another website to connect to the same database, and this works fine.
Update (5/7/2016 # 10:16am): The only thing I can think of is something to do with the usage of LINQ to SQL queries within the application. Does this sound like a possible cause?
As the error says, the credentials you are using to connect to sql server are incorrect.
Make sure you are using correct credential viz. user name and password in your connection string. You can check it by logging on to sql server instance from these credentials.
If you are using integrated security, i.e. windows authentication, verify if the user have given permission on sql.
When you pass Windows authentication through a website, the identity of your app pool is the user credentials that are supplied. Be sure your app pool for the site is set to use the same user as you expect in the identity of the app pool. Also, be sure integrated security is set to SSPI, not true, in the connection string.
Related
This had been working fine in our prior server Windows 2012. New server is 2019.
IIS Setup:
DefaultAppPool using ApplicationPoolIdentity as its identity.
Anonymous and Windows Authentication enabled.
Both prior and current server hitting same SQL Server.
When we try launching the ASP Page, we get this error:
SqlException (0x80131904): Login failed for user 'DOMAIN\MACHINENAME$'.
In other posts I've read that it could be the connection string Trusted Connection setting that is incorrect, but the connection string is built inside the page code and it's never changed.
We've also read that since ApplicationPoolIdentity uses NT AUTHORITY\NETWORK SERVICE as its user, then we'd need to add that service account to the SQL Server.
Again, it had been fine without it in the prior server. But just to try it, we added it to the User list as DB_OWNER in SQL Server.
But still get same error.
Connecting to the SQL server outside of this scenario is no an issue, we can get to it in SSMS and otherwise.
Any ideas and help appreciated!
Thanks
If you see a failure like this: Login failed for user 'DOMAIN\MACHINENAME$'. It means that a process running as NETWORK SERVICE or LocalSystem accessed a remote resource, authenticated itself as a machine account and was denied authorization. When access to the machine account is denied, the machine account must be granted access. If the server denies login to 'DOMAIN\MACHINE$', then you must grant login permission to 'DOMAIN\MACHINE$' instead of NETWORK SERVICE.
I have an asp.net application running in IIS using the account which has access to my database. With windows authentication, I am able to log into this account in sql server manager and other things. In my connection string, I have Integrated Security=true, and the error message I get when loading a page using this connection string references the correct user. (Not 'IIS APPPOOL\ect...' like all the other instances of this question I have found on SO). Is there something else that can cause this issue? I just dont understand why I am able to log in with the same windows account in other applications.
Im currently trying to deploy my .NET MVC Application to IIS 7.5.
There is a database connection problem that im trying to figure out. In localhost, everything seems fine, however, when I deploy my app to remote server, the app runs, without connecting to database. For example I have a VisualLeadController that has getMonthlyLeadsByYear() method that connects to database and retyrns data. When I try to execute it from brower by typing
http://staging2.landornet.com/WebLeadsVisualizer/VisualLead/getMonthlyLeadsByYear
It generates this error:
Exception Details: System.Data.SqlClient.SqlException: Login failed for user ''.
The steps that I followed:
1-Removed integrated security=True from WebConfig connection strings
2- Changed applicationpool identity from applicationPoolIdentity to local system.
Still now working... anyone has any idea?
When deploying your web app to your remote server, you will need to use a SQL connection string that contains an explicit username and password associated with a SQL account. For example,
Data Source=SERVER;Initial Catalog=DATABASENAME;User ID=SQLUSERNAME;Password=SQLUSERPASSWORD
To use this connection string, you will need to first use SQL Management Studio to create a SQL login with a username and password, and give that user access to your database. Then log out out of SQL Management Studio and log back in using that user/password to make sure that it correctly can access your database. Hopefully then your web app should be able to connect to the database.
I having the following error message:
Cannot open database "SmallBakery" requested by the login. The login failed. Login failed for user 'IIS APPPOOL\MyAppPool'
How can correct this? I am using windows 7 Enterprise Edition and Sql server 2012.
If you don't change, each app pool has it's own identity. In your case, just add a new user to your database SmallBakery with the name IIS APPPOOL\MyAppPool using SQL Management Studio. You find the users list in the "Security/Users" subnode of your database. This should look something like that:
For testing, let the user be member of the db_owner role. If that works, remove this role and just let it be member of db_datareader and db_datawriter.
This way, each app pool (perhaps each website, if they all use their own app pool) only has access to the corresponding database.
It depends on how you want to authenticate in your app. Are you trying to use impersonation in your app?
What's happening right now is the identity of your app pool in IIS is getting passed when trying to access the database. You can change the identity of your app pool to be something that has access to the database or you could change your connection string to use a specific login instead of integrated security.
Check this post out. Your problem sounds similar to one I was running into, with the same exact error message.
http://blogs.msdn.com/b/sqlexpress/archive/2011/12/09/using-localdb-with-full-iis-part-2-instance-ownership.aspx
Like others said so far you need to take your app pool system user (IIS AppPool\myapppool) and add it as database user for that database with appropriate permissions.
Note that this will work just find on your IIS/Server but if you plan on migrating application to a different IIS/Sql server it will require changes in both SQL Server and IIS. I’d suggest you also consider sql server authentication – it may be more convenient for your specific case.
In my case these steps lead me to successfully handle this error.Hope it will help you also
I have a Website and it works fine locally (when I run it using MS Visual Studio 2010), but When I uploaded it on the Web, it gives me this error message!
So, please what should I do to fix this problem?
Many thanks.
Look at the authentication information in your connection string. Whatever user is trying to access the database, make sure they have permission.
Posting the connection string stored in ATRProDBConnStr might give more insight as well.
So, please what should I do to fix this problem?
You should check the permissions between the web application and the SQL server.
Is the connection string correct (providing the correct user credentials for the application)?
Does the production database have grant the same permissions to the application's database user as the local database?
If the application doesn't use credentials, does the database grant the same permissions to the server's web application user as it does the local application user?
The error is basically SQL server telling you that your application isn't allowed to perform an action on the database. The application works fine (except for the lack of error handling which generated this page), it just needs permissions on the SQL server.