Integrated Security=true is trying to log me with my windows credentials even though I want to use SQL authentication - asp.net

I'm working on an ASP.NET Web Forms application, using standard ADO.NET for querying the database. Until today I've been developing on my local machine, using local resources (including a local instance of SQL Server 2008), and I use a very simple connection string plus Windows auth to connect to my database:
<add name="MyConn" connectionString="Data Source=MY-PC\SQLEXPRESS;Initial
Catalog=MyDataBaseName;Integrated Security=true;"/>
But today I wanted to move to a remote SQL Server, so I changed my connection string accordingly:
<add name="MyConn" connectionString="Data Source=TheRemoteServer;
Initial Catalog=MyDataBaseName;User Id=MyId;Password=MyPassword;
Integrated Security=true;"/>
and when I try to connect to the database, when I reach :
try
{
connection.Open();
I get an error that the connection cannot be established for the user, and the user shown is my Windows user instead of the ID I've provided in the connection string. However, if I set Integrated Security=false; (to False) everything starts working. I don't know why. It seems strange, and since it obviously has something to do with security I'm bothered leaving it like that. So what are my options here?

Integrated Security:
When false, User ID and Password are specified in the connection. When true, the current Windows account credentials are used for authentication.
Recognized values are true, false, yes, no, and sspi (strongly recommended), which is equivalent to true.
If User ID and Password are specified and Integrated Security is set to true, the User ID and Password will be ignored and Integrated Security will be used.
SqlCredential is a more secure way to specify credentials for a connection that uses SQL Server Authentication (Integrated Security=false).
SQL Credential

Just use the following:
<add name="MyConn" connectionString="Data Source=TheRemoteServer;
Initial Catalog=MyDataBaseName;User Id=MyId;Password=MyPassword;"/>
or
<add name="MyConn" connectionString="Server=myServerName\myInstanceName;
Database=myDataBase;User Id=MyId;Password=myPassword;"/>
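
The precedence rule quoted above (a true Integrated Security setting wins over User Id and Password) can be tested against a connection string before it is deployed, and SqlCredential keeps the password out of the string altogether. This C# is an added example, not code from the original posts; the class and method names are hypothetical, the sample strings are the placeholders from the question, and it assumes System.Data.SqlClient on .NET Framework 4.5 or later.

```csharp
using System;
using System.Data.SqlClient;
using System.Security;

static class SqlAuthCheck
{
    // Hypothetical helper: says which identity SqlClient will actually present.
    public static string EffectiveLogin(string connectionString)
    {
        var b = new SqlConnectionStringBuilder(connectionString);
        bool hasSqlLogin = b.UserID.Length > 0 || b.Password.Length > 0;
        if (b.IntegratedSecurity)
            return hasSqlLogin
                ? "Windows account of the process (User Id/Password present but ignored)"
                : "Windows account of the process";
        return hasSqlLogin ? "SQL login '" + b.UserID + "'" : "none: no credentials supplied";
    }

    // SQL authentication with the password kept out of the connection string.
    // Needs a reachable server, so Main does not call it.
    public static SqlConnection Open(string server, string database,
                                     string user, SecureString password)
    {
        var b = new SqlConnectionStringBuilder
        {
            DataSource = server,
            InitialCatalog = database,
            IntegratedSecurity = false // must be false when a SqlCredential is supplied
        };
        password.MakeReadOnly();       // SqlCredential rejects a writable SecureString
        var conn = new SqlConnection(b.ConnectionString, new SqlCredential(user, password));
        conn.Open();
        return conn;
    }

    static void Main()
    {
        // Constructed inputs: the two connection strings from the question and answer.
        const string target = "Data Source=TheRemoteServer;Initial Catalog=MyDataBaseName;";
        Console.WriteLine(EffectiveLogin(target + "User Id=MyId;Password=MyPassword;Integrated Security=true;"));
        Console.WriteLine(EffectiveLogin(target + "User Id=MyId;Password=MyPassword;"));
    }
}
```

The first string reports the Windows account with the credentials ignored, which is the failure described in the question; the second reports the SQL login.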

Related

How to connect ASP.NET app to remote SQL Server

I need help connecting my Web App to a remote database (SQL Server).
I have tried many suggested solutions but I can't seem to come right.
This is how I connect to a local database, it works 100%:
<add name="DBCS" connectionString="Data Source=serverName;Initial Catalog=MVNE_Website;Integrated Security=True" providerName="System.Data.SqlClient" />
My ASP.NET Web App is hosted on one server, and the database is on a separate server.
The remote DB server is 100% configured to allow remote connections and firewall rules also adhere to the connection protocols. I think it is just my connection string that is incorrect but I don't know why??
Here it is(conn string for remote SQL server)
<add name="DBCS" connectionString="server=serverIP\serverName; database=MVNE_Website; Integrated Security=True" providerName="System.Data.SqlClient" />
I don't use a username or password when connecting to this remote SQL Server so I did not see a point in adding it in the conn string?
There can be a few reasons why this will not work. Here are 2 common ones:
1. Your web application will pass the username the application pool is running under (which by default is some system user) to SQL Server. Change this to be a service account which has access to SQL Server.
2. If you are hopping across 2 or more servers to pass the credentials between IIS and SQL Server, you may need to implement Kerberos, which is a way to preserve the credentials. This is a complex network configuration thing.
Check point 1 first.
:/
In my web.config file custom errors mode was on RemoteOnly, so I turned it off and saw that my connection string was never the problem, the actual problem was that the app was trying to insert null into a primary key field that does not allow null, I never set the PK to auto increment
.. sorry and thanks

Connectionstring to server isn't working in ASP.NET

So I'm trying to set up a connectionstring in ASP.NET to connect to a SQL Server.
I've got the servername and that's the structure I'm currently using.
<add name="CRMSQL" connectionString="Data Source=servername\Instance;Initial Catalog=crm;User ID='CRM';Password='****';Integrated Security=True" providerName="System.Data.SqlClient" />
I know that the username and the password are right and for the Servername I use something like U444324. And as the instance name I use the name which pops up when I execute:
SELECT @@servername
What are possible sources of error?
Replace Integrated Security=True with Persist Security Info=True
Persist Security = true means that the Password used for SQL authentication is not removed from the ConnectionString property of the connection.
When Integrated Security = true is used then the Persist Security is completely irrelevant since it only applies to SQL authentication, not to windows/Integrated/SSPI.
Reference : Differance Between Persist Security Info And Integrated Security
Create an empty text file
Change the extension to .udl
Once created, double click on the created file.
You will be presented with a GUI
Follow the steps in Connection tab and click on Test Connection
If successful, click OK
Then right click on the file and open with Notepad
Copy the connection string and replace it with your current one.

Unable to connect using sql authentication through an asp.net web app

I cannot get my web app to connect to the database when running the app. I can connect in the SQL Server object explorer and I took the connection string from the connection's properties.
Here is my connection string :
<add name="Quotes.DAL.QuotesConnection"
connectionString="Data Source=(localdb)\v11.0;Initial Catalog=TestDB;Integrated Security=False;User ID=sa;Password=***;Connect Timeout=15;Encrypt=False;TrustServerCertificate=False"
providerName="System.Data.SqlClient" />
I can connect as SA and I can create the database that it points to in Management Studio. When my app tries to connect via Entity Framework I get the following error :
System.Data.SqlClient.SqlException (0x80131904): Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. at System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject,
I'm running Windows 7 as a home dev machine so there is no Active Directory.
Can anybody explain why this might happen?
I have found that this is probably because I have Entity Framework in another assembly. I created a new web application and its connection string works. When I try the same connection string in my DAL it fails with this same error!
Thanks
It may be because of setting Integrated Security=False, I have never set it to false. I normally use just the bare minimum Server=myServerAddress;Database=myDataBase;User Id=myUsername;Password=myPassword; when setting up my connection strings with SQL authentication, only adding things as I need them.
The other issue I see is using SA to connect to the database. This breaks almost every best practice in the book and I would recommend creating an app specific password for when you roll out the program. The reason being is the GOD ACCESS account for the server will have its password in plain text in the app.config file. Just something to keep in mind.
EDIT: After some comment discussion the connection string was in the wrong config file.

Why is ASP.NET ignoring my Membership connection string?

I have an ASP.NET app using built-in Membership functionality. As such, I have a connection string in my web.config that looks like this:
<add name="MembershipSqlServer" connectionString="Data Source=servername;Database=aspnetdb;uid=user;pwd=password;" />
When working on my dev machine, everything is peachy keen. But when I move things to the web server (which also happens to run the SQL Server), I get this error when User.IsInRole() is called:
System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.
F$%*&!! Why is it attempting to connect in this way? Why isn't it using user/password from the connection string? Web.config is identical on dev and server, I am using the DB on the server during development.
OK, I figured it out... only 35 minutes. :P
Long story short: There are two parts to asp.net membership… a membership provider and a ROLE provider. Why you’d ever want these two things separated, I don’t know… But my web.config wasn’t specifying the role provider and connection string, so it was defaulting to the settings in machine.config (aka LocalSqlServer connection string).
So all this time, my app users were on the server... but the roles were stored in a local .MDF file in App_Data. Ugh.
What does the membership providers section in your web.config look like? Is it possible that you left out the connectionStringName attribute? In which case, I believe it would be trying to connect to the database on your local machine using integrated security.
The membership providers section in your web.config should look something like:
<membership defaultProvider="SqlProvider">
  <providers>
    <add
      name="SqlProvider"
      type="System.Web.Security.SqlMembershipProvider"
      connectionStringName="MembershipSqlServer"
      ...
    />
  </providers>
</membership>
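
The failure described in this thread (membership pointed at the right database while the role provider silently fell back to the inherited LocalSqlServer default) can be caught by checking a web.config for provider sections that do not reference one of its own connection strings. This C# is an added example, not code from the original posts; the class and method names are hypothetical and the sample web.config is constructed from the placeholders in the question.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Xml.Linq;

static class ProviderConfigCheck
{
    // Hypothetical helper: lists provider sections that will not use a
    // connection string declared in this web.config.
    public static List<string> Check(string webConfigXml)
    {
        XElement root = XDocument.Parse(webConfigXml).Root;
        var declared = new HashSet<string>(
            root.Elements("connectionStrings").Elements("add")
                .Select(e => (string)e.Attribute("name")).Where(n => n != null));
        XElement web = root.Element("system.web") ?? new XElement("system.web");
        var findings = new List<string>();
        // membership and roleManager each pick their own provider and connection string
        foreach (string name in new[] { "membership", "roleManager" })
        {
            XElement section = web.Element(name);
            if (section == null)
                findings.Add(name + ": not configured here, inherited defaults (LocalSqlServer) apply");
            else
                foreach (XElement p in section.Elements("providers").Elements("add"))
                {
                    string cs = (string)p.Attribute("connectionStringName");
                    if (cs == null || !declared.Contains(cs))
                        findings.Add(name + "/" + (string)p.Attribute("name")
                            + ": connectionStringName '" + cs + "' is not declared in this file");
                }
        }
        return findings;
    }

    static void Main()
    {
        // Constructed web.config: membership is wired up, roleManager is missing.
        const string config = @"<configuration>
  <connectionStrings>
    <add name='MembershipSqlServer' connectionString='Data Source=servername;Database=aspnetdb;uid=user;pwd=password;'/>
  </connectionStrings>
  <system.web><membership defaultProvider='SqlProvider'><providers>
    <add name='SqlProvider' type='System.Web.Security.SqlMembershipProvider' connectionStringName='MembershipSqlServer'/>
  </providers></membership></system.web>
</configuration>";
        Check(config).ForEach(Console.WriteLine);
    }
}
```

On the constructed input the only finding is for roleManager, matching the self-answer above.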
Do you see this <authentication mode="Windows" /> in your web.config? And your other connectionString uses Integrated Security=True; On your Sql server in order to use windows authentication you must have a Login(on the server) for the windows user or group as well as have an associated user in the database.
The simple but not suggested fix would be to create a login for 'NT AUTHORITY\NETWORK SERVICE' on your SQL Server and then a user in your specific database that maps to that login.
The secure way is to do this for each of the network security groups that need to access the sql server so you can manage the group permissions independently.
I think the answer is that:
// Requires: using System.Reflection;
// BaseMembershipProvider(site) is a helper that is not shown in this post.
public static string ConnectionString(SPSite site)
{
    // Read the provider's private _sqlConnectionString field via reflection.
    var connectionStringField = BaseMembershipProvider(site).GetType().GetField("_sqlConnectionString", BindingFlags.Instance | BindingFlags.NonPublic);
    if (connectionStringField != null)
    {
        return connectionStringField.GetValue(BaseMembershipProvider(site)).ToString();
    }
    else
    {
        return "";
    }
}
It worked for me without any error
thanks babania

SQL Express connection string hell ASP.Net

SQL Express 2005 is running locally. I have a project written by another person running on the same machine. All I want to do is connect to it, can't be that hard right?
This is the one I use in my old classic ASP code to hit another database running on the same instance:
Provider=SQLOLEDB;Data Source=MYLAPTOP\MSSMLBIZ;Persist Security Info=True;User ID=TestUser;Password=letmein;Initial Catalog=TestDB
But trying a version of that makes the .net code throw a wobbler as he's written it using SQLServer drivers so it's not liking the Provider stuff.
Here is the original connection string from his code:
Server=(local);Initial Catalog=TheDatabase;User Id=TheUser;Password=ThePassword;
I've been to http://www.connectionstrings.com/sql-server-2005 and tried several of the options from there, these all get "SQL Server does not exist or access denied" (what a lovely mixed error message that is!):
Data Source=localhost;Integrated Security=True;Initial Catalog=TheDatabase
Data Source=localhost\SQLEXPRESS;Integrated Security=True;Initial Catalog=TheDatabase
Data Source=MyLaptop\SQLEXPRESS;Integrated Security=True;Initial Catalog=TheDatabase
Server=MyLaptop\SQLEXPRESS;Initial Catalog=TheDatabase;User Id=TheUser;Password=ThePassword;
I've created logins for MyLaptop/IUSR_MyLaptop, MyLaptop/ASPNET, MyLaptop/IWAM_MyLaptop in SQL Express and given them all read/write permissions to my DB and set their default DB to be TheDatabase.
What the heck am I doing wrong and how can I debug the problem some more?
UPDATE: Special Thanks to Chris for all his pointers, got there in the end, if you are having similar problem please read all the comments there are lots of links and tips on how to track them down.
Can you advise exactly what is in the config?
Are you using the block - in which case a valid connection string would be:
<add name="connection" providerName="System.Data.SqlClient" connectionString="Data Source=localhost\MSSMLBIZ;Initial Catalog=TheDatabase;Integrated Security=True" />
or
<add name="connection" providerName="System.Data.SqlClient" connectionString="Data Source=localhost\MSSMLBIZ;Initial Catalog=TheDatabase;Integrated Security=False;User Id=TheUser;Password=ThePassword;Application Name=AppName;" />
Or are you getting the connection string from app settings - in which case I guess your provider is set in code inside the app itself?
With that error message in your comment you should run through the items in http://blogs.msdn.com/sql_protocols/archive/2007/05/13/sql-network-interfaces-error-26-error-locating-server-instance-specified.aspx
I presume the instance is running and does allow connections over tcpip?
Shouldn't your datasource read: Data Source=localhost\sqlexpress too?
You don't mention granting rights for 'TheUser' to access the database on the server - if you've restored from another server you may have a SID mismatch.
Try running
sp_change_users_login 'Report'
against the db in question.
If it returns the user account in the report try:
sp_change_users_login 'Update_One', 'theuser', 'theuser'
to remap things.
