Configure IIS 8 for SQL Server Authentication - asp.net

I'm getting the following error when trying to query SQL Server 2012 from Windows 2012 IIS 8.5, in an MVC 4 website:
SqlException (0x80131904): Login failed for user [domain/user]
I have the connection string in Web.config set up just the way we did it back in the olden days:
<add name="MYPROJECT.Properties.Settings.defaultConn" connectionString="Data Source=MYSERVER;Initial Catalog=MYDATABASE;Persist Security Info=True;User ID=MYUSER;Password=MYPASSWORD"
IIS8 seems to be using an Application Pool to login, bypassing the connectionstring in Web.config.
Database and Website are on different servers. Is there a straightforward way that I can configure IIS to bypass the Application Pool and read the connectionstring from Web.config?

If Persist security info is set to true, it will be ignored. From MSDN
The ConnectionString is similar to an OLE DB connection string, but is not identical. Unlike OLE DB or ADO, the connection string that is returned is the same as the user-set ConnectionString, minus security information if the Persist Security Info value is set to false (default). The .NET Framework Data Provider for SQL Server does not persist or return the password in a connection string unless you set Persist Security Info to true.

Related

How to connect ASP.NET app to remote SQL Server

I need help connecting my Web App to a remote database (SQL Server).
I have tried many suggested solutions but I can't seem to come right.
This is how I connect to a local database, it works 100%:
<add name="DBCS" connectionString="Data Source=serverName;Initial Catalog=MVNE_Website;Integrated Security=True" providerName="System.Data.SqlClient" />
My ASP.NET Web App is hosted on one server, and the database is on a separate server.
The remote DB server is 100% configured to allow remote connections and firewall rules also adhere to the connection protocols. I think it is just my connection string that is incorrect but I don't know why??
Here it is(conn string for remote SQL server)
<add name="DBCS" connectionString="server=serverIP\serverName; database=MVNE_Website; Integrated Security=True" providerName="System.Data.SqlClient" />
I don't use a username or password when connecting to this remote SQL Server so I did not see a point in adding it in the conn string?
There can be a few reasons why this will not work. Here are 2 common ones:
Your web application will pass the username the application pool is running under, (which by default is some system user) to SQL Server. Change this to be a service account which has access to SQL Server.
If you are hopping across 2 or more servers to pass the credentials between IIS and SQL Server, you may need to implement Kerberos, which is a way to preserve the credentials. This is a complex network configuration thing.
Check point 1 first.
:/
In my web.config file custom errors mode was on RemoteOnly, so I turned it off and saw that my connection string was never the problem, the actual problem was that the app was trying to insert null into a primary key field that does not allow null, i never set the PK to auto increment
.. sorry and thanks

Integrated Security=true is trying to log me with my windows credentials even though I want to use SQL authentication

I'm working on ASP.NET Web Forms application, using standard ADO.NET for quering the database. Since today I've been developing on my local machine, using local resources (including local isntance of SQL Server 2008) and I use a very simple connections string plus Windows auth to connect to my database:
<add name="MyConn" connectionString="Data Source=MY-PC\SQLEXPRESS;Initial
Catalog=MyDataBaseName;Integrated Security=true;"/>
But today I wanted to remove to a remote SQL SERVER so I changed my connection string accordingly:
<add name="MyConn" connectionString="Data Source=TheRemoteServer;
Initial Catalog=MyDataBaseName;User Id=MyId;Password=MyPassword;
Integrated Security=true;"/>
and when I try to connect to the database, when I reach :
try
{
connection.Open();
I get an error that connection can not be established for user and here come my Windows user instead the ID I've provided in the connection string. However if I set Integrated Security=false; (to False) everything starts working. I don't know why. It seems strange and since it obviously has something to do with security I'm bothered leaving it like that. So what are my options here?
Integrated Security:
When false, User ID and Password are specified in the connection. When true, the current Windows account credentials are used for authentication.
Recognized values are true, false, yes, no, and sspi (strongly recommended), which is equivalent to true.
If User ID and Password are specified and Integrated Security is set to true, the User ID and Password will be ignored and Integrated Security will be used.
SqlCredential is a more secure way to specify credentials for a connection that uses SQL Server Authentication (Integrated Security=false).
SQL Credential
Just use the following:
<add name="MyConn" connectionString="Data Source=TheRemoteServer;
Initial Catalog=MyDataBaseName;User Id=MyId;Password=MyPassword;"/>
or
<add name="MyConn" ConnectionString="Server=myServerName\myInstanceName;
Database=myDataBase;User Id=MyId;Password=myPassword;"/>

plesk panel using host user in Connection String in asp.net

I have developed a web apllication in asp.net with its connection String in web.config file and working very well in localhost. But when i deployed to hosting server using windows shared hosting it fives the error
Logic failed for user anama76
where anama76 is my domain user.My database userName is anama_Muneeb. I am finding it difficult to know that why connection string is using the domain user to connect to Db.
I have used connection in web.config to make sql server authentication
What is the solution
Your connection string must match the user name:
<add
name="ConnectionString"
connectionString="Data Source=your_database_server;Initial Catalog=your_database_name;User Id=anama_Muneeb;Password='your_password';"
providerName="System.Data.SqlClient"/>

How should i change connection string, for hosting asp.net site

connectionString=Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True;User Instance=True providerName=System.Data.SqlClient
// what should i change in my connection string so i can host my asp.net site on aspspider.info...
//i get this errod
SqlException (0x80131904): User does not have permission to perform this action....and so on...
\SQLEXPRESS;Initial Catalog=dubaicargo;
Persist Security Info=True;User ID=username;Password=password;pooling=false
change your connection don't use integrated security. the above connection is just a sample. there are many ways to connect to yourdatabase with more security see this for list connection strings
Try to use SqlServer Authentication instead of windows authentication

connectionstring to sqlmembershipprovider asp.net

I have added the sqlmembershipprovider to my dynamic data project for logging in and registering and such.
However, I am having problems with the connection string. The database is on a remote sql server 2008 database server.
Below I have a connection string for the entities:
<add name="xxEntities"
connectionString="metadata=res://*;provider=System.Data.SqlClient;provider connection string="Data Source=xx.xx.x.xxx;Initial Catalog=XX;Integrated Security=True;MultipleActiveResultSets=True""
providerName="System.Data.EntityClient" />
When I hit the membership provider, I get this error:
Keyword not supported: 'metadata'.
on this line of code:
System.Web.Security.Membership.GetAllUsers(0, 1, count)
Do I need a separate connection string for the provider? Or should I be able to use the above string with all my connections, including my membership provider?
thanks.
Try using this connectionString template + change the User-ID, Password, Initial Catalog
Provider=SQLOLEDB.1;Persist Security Info=True;Data Source=xxx.xxx.xxx.xxx;User ID=RemoteApp;Password=xxx;Initial Catalog=xxx;

Resources