I am trying to connect my website to my sql server 2008 r2 on windows server 2003 with .net framework 4
This is the connection string:
<add name="TestDbConnectionString"
connectionString="Data Source=(local);Initial Catalog=RESv5;integrated security=SSPI;"
providerName="System.Data.SqlClient" />
I got an exception, which is:
Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
I saw this question Login failed for user 'NT AUTHORITY\NETWORK SERVICE' and I tried to make a user named as NT AUTHORITY\NETWORK SERVICE but I still have the problem,
edit1
I have already tried to use a username and password. this is the connection string
<add name="TestDbConnectionString"
connectionString="Data Source=(local);Initial Catalog=RESv5;integrated security=SSPI;User Id=sa;Password=myPassword;"
providerName="System.Data.SqlClient" />
but still have the problem
You're using Windows authentication to enter the server, so it uses the Windows account access from the client to validate access/permissions. When in development, the "client" is really the VS development server, but when you deploy to a real web server, the "client" runs as another account, the one that is used to start the its service, NOT yours.
Often SQL Servers are configured at installation to allow yourself sysadmin access, but barely anything else to other users, that's why you get an access denied.
One option would be to use SQL authentication with user/password. Security-wise, this would be the best option if the same web server runs many websites (as they may be isolated from each other data's).
If you absolutely want to use Windows authentication, the real solution would be to give permissions to the built-in account NT AUTHORITY\NETWORK SERVICE at SSMS:
CREATE LOGIN [NT AUTHORITY\NETWORK SERVICE] FROM WINDOWS WITH DEFAULT_DATABASE=[RESv5]
GO
USE [RESv5]
GO
CREATE USER [NT AUTHORITY\NETWORK SERVICE] FOR LOGIN [NT AUTHORITY\NETWORK SERVICE]
GO
ALTER ROLE [db_owner] ADD MEMBER [NT AUTHORITY\NETWORK SERVICE]
GO
Try removing the integrated security=SSPI from the connection string, or set it to false. See below my successful login with sa user:
EDIT: Here is a detailed explanation, maybe it help you to find where you're wrong:
http://msdn.microsoft.com/en-us/library/ff648340.aspx
Your website is running under service account NETWORK_SERVICE in IIS, this is a computer user and can't access your SQL. To fix this you should set your website to use "identity impersonate=true" in your web.config. However if you are running this on the server you might lose the authenticated user in what's called a 'double-hop' where your IIS server cannot relay your authenticated user to the SQL server in another step (PC (1)-> IIS (2)-> SQL).
Milica Medic is correct in her answer but in your reply you specified a user "william" is this a SQL user or a windows user? If Windows user then this won't work, to relay windows users to SQL you need to do it in web.config (see 1. above). The sql connection assumes the user is a SQL user not windows user.
your attempt with username/password is close but you are still specifing Integrated Security=SSPI which tries to force windows user authentication to the SQL.
Try and make a connection string like this:
connectionString="Data Source=SQLSERVERINSTANCE;Initial Catalog=myDB;Persist Security Info=True;User ID=sa;Password=myPassword"
Related
I have created a web application. I am using SQL 2012 express as a database. Its working fine when I am running on debug mode. When I deployed that application on local IIS it's throwing an error
Cannot open database "databaseName" requested by the login. The login failed.
Login failed for user 'IIS APPPOOL\MyApplicationName'.
My connection string is <add name="DefaultConnection" connectionString="Data Source=HAPPY\SQLEXPRESS;uid=sa;password=123;Initial Catalog=dwm;integrated security=sspi;" providerName="System.Data.SqlClient" />
I am able to login with this login detail on my SQL 2012 express. I am attaching a screenshot .
You are using SSPI Integrated Security, thus it is trying to use Windows authentication. Try setting to False:
connectionString="Data Source=HAPPY\SQLEXPRESS;uid=sa;password=123;Initial Catalog=dwm;integrated security=False;" providerName="System.Data.SqlClient"
Since your web application uses a SSPI Integrated Security.
You have those options :
Either add the IIS APPPOOL\MyApplicationName as a login and give the required rights to the database dwm.
But since this login is probably not known from the SQL Server you might have to change the Login used by your WebAppPool with a service account from the AD that is shared with your SQL Server.
Or change the connection string with a SQL Login (which has the required rights) - it is not recommended to use the sa login also. Also using this method reduces the security.
connectionString="Data Source=HAPPY\SQLEXPRESS;uid=mySqlLoginForMyApplicatioNName;password=itsPassword;Initial Catalog=dwm;integrated security=False;" providerName="System.Data.SqlClient"
For me EF was not creating the database and navigating to the application gave me the following -
"Cannot open database “MyDatabaseName” requested by the login. The
login failed. Login failed for user 'IIS APPPOOL\MyAppName"
Restarting the website within IIS solved my issue.
Here is my Error:
ERROR [28000] [Microsoft][ODBC SQL
Server Driver][SQL Server]Login failed
for user 'NT AUTHORITY\ANONYMOUS
LOGON'. ERROR [28000] [Microsoft][ODBC
SQL Server Driver][SQL Server]Login
failed for user 'NT
AUTHORITY\ANONYMOUS LOGON'.
Here is my connection string at application start up:
MyConnection = New Odbc.OdbcConnection("DRIVER={SQL Server};SERVER=MySqlServer;Trusted_Connection=True;DATABASE=MyDatabase")
Here is part of Web.Config:
<authentication mode="Windows"/>
<identity impersonate="false"/>
Here is my IIS(7) settings:
Authentication
Anonymous Authentication: Disabled
ASP.NET Impersonation: Disabled
Basic Authentaction: Enabled
Digest Authentication: Disabled
Forms Authentication: Disabled
Windows Authentication: Enabled
Connection Strings
MyDatabaseConnection: Data Source=MySqlServer;Initial Catalog=MyDatabase;Integrated Security=True
LocalSqlServer: data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true
I believe you may have to use ASP.Net Impersonation in this case.
http://weblogs.asp.net/achang/archive/2004/04/15/113866.aspx
As Zach says, you need to change the credentials of the user accessing the database.
So you either need to turn on impersonation as recommended or you should change the user id and password used by the application pool that is used to run your web site. This MSDN article, while a bit old, still applies and should help you do that.
What user account should be used to connect to the database? Your user account, an account on the SQL server, the IIS app pool account?
By default, if you don't give the connection string a username and password, .NET will use the AppPool's credentials, which as Simen says doesn't have sufficient privileges to the SQL server.
If you want to use the credentials of the user accessing the website (probably a bad idea), you need to use impersonation as Thyamine says, but if you want to use a SQL account that is set up for the database, then you need to put the username and password of that user into the connection string. (http://www.sqlstrings.com/SQL-Server-connection-strings.htm)
if your web application is running without Integrated Security. remove the "Allow Anonymous connections" security option. When authenticated by the web server as ANONYMOUS the request will be executed using an identity does not have sufficient privileges to your SQL Server DB.
Edit: If you are running the web server on a separate machine than the client machine you might want to investigate whether the server actually recognizes the account used on the client machine. If the machines are not part of the same security domain, you might even have to go through the questionable procedure of modifying the server's
Local Policies --> Security Options --> Network access: Sharing and security model for local accounts to the setting : Classic - local users authenticate as themselves and creating a user account with the same name and password on the server.
You might also want to investigate http logs on the server
I tried to open the website from a broswer. The project is deployed at an IIS server.
I am getting this exception:
Exception information:
Exception type: SqlException
Exception message: Cannot open database "TestDB" requested by the login. The login failed.
Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.
Any solution?
Your IIS application runs under the NT AUTHORITY\NETWORK SERVICE account
You can use Windows Authentication and Impersonation http://msdn.microsoft.com/en-us/library/aa292118%28VS.71%29.aspx
Use Windows Authentication and a fixed account (either by adding the NT AUTHORITY\NETWORK SERVICE account to SQL Server or by creating a new account for that purpose and configuring the application pool in IIS to use that account)
Or you can use SQL authentication with user name and password in the (possibly encrypted) connection string in the web.config
The service user account 'NT authority network service could not be created???
if you are facing issue while entering superuser
password
re-password
and you are using postgresql version --postgresql-10.16-1-windows then plz go for older version that is postgresql-10.15-1-windows
I'm trying to publish an asp.net website on a remote server. When my code tries to connect to the database, I get the error message described in the question title. Now, I've gone into the Microsoft SQL Server Management Studio for SSE 2008 and can see the list of logins. NT AUTHORITY\NETWORK SERVICE is there, but I'm not sure what settings I need to change to allow this user to access the database. I've tried using impersonation in my web.config file using the windows login credentials for the server, but that just brings up the same error message, with my windows username instead of NETWORK SERVICE.
My connection string is as follows:
connectionString="Data Source=MECHTRONICRND\SQLEXPRESS;Initial Catalog='C:\Inetpub\aspnettest\App_Data\FLEETMANAGERDB.MDF';Integrated Security=True"
Any ideas?
Thanks
--Amr
Thanks for your replies. After looking at this tutorial, I found out how to allow users access to a database. Once I had allowed NETWORK SERVICE read and write access to the database, my website worked fine with the original connection string.
--Amr
Your connection string should be:
"Data Source=MECHTRONICRND\SQLEXPRESS;Initial Catalog=FLEETMANAGERDB;Integrated Security=True"
Also, this is trying to connect to the database as the account that's used by the web server. You could run the web service (configure IIS accordingly) as a domain user, and then create a login and database user for that account. Otherwise, you will have to create a database user (in FleetManagerDB) for the Network Service account, which isn't recommended. Or yourself if you are impersonating yourself.
I been strugling with this for 2 days now without comming any closer to solution. I have read 20-30 threads alteast and stil can not resolve this.
Please help me out.
I have disable anonymous authentication, enable asp.net impersonation.
I have added <identity impersonate = "true" />
I have added the a user to the security logins that is connected to the database I try to connect to
This is the connectionstring I use:
Data Source=IPTOSERVER;Initial Catalog=Phaeton;User Id=User;Password=Password;
errormessage:
Cannot open database "Phaeton.mdf" requested by the login. The login failed.
Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.
I was experiencing a similar error message that I noticed in the Windows Event Viewer that read:
Login failed for user 'NT AUTHORITY\NETWORK SERVICE'. Reason: Failed to open the explicitly specified database. [CLIENT: local machine]
The solution that resolved my problem was:
Login to SqlExpress via SQL Server Management Studio
Go to the "Security" directory of the database
Right-click the Users directory
Select "New User..."
Add 'NT AUTHORITY\NETWORK SERVICE' as a new user
In the Data Role Membership area, select db_owner
Click OK
Here's a screenshot of the above:
The error message you are receiving is telling you that the application failed to connect to the sqlexpress db, and not sql server.
I will just change the name of the db in sql server and then update the connectionstring accordingly and try it again.
Your error message states the following:
Cannot open database "Phaeton.mdf" requested by the login. The login failed.
It looks to me you are still trying to connect to the file based database, the name "Phaeton.mdf" does not match with your new sql database name "Phaeton".
Hope this helps.
If the error message is just
"Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.", then grant
the login permission for 'NT AUTHORITY\NETWORK SERVICE'
by using
"sp_grantlogin 'NT AUTHORITY\NETWORK SERVICE'"
else if the error message is like
"Cannot open database "Phaeton.mdf" requested by the login. The login
failed. Login failed for user 'NT AUTHORITY\NETWORK SERVICE'."
try using
"EXEC sp_grantdbaccess 'NT AUTHORITY\NETWORK SERVICE'"
under your "Phaeton" database.
I liked Jed's solution but the issue with that was every time I built my project in debug mode, it would deploy my database project and removed the user again. so I added this MySQL script to the Post-Deployment script.
it practically does what Jed said but creates the user every time I deploy.
CREATE USER [NT AUTHORITY\NETWORK SERVICE]
FOR LOGIN [NT AUTHORITY\NETWORK SERVICE]
WITH DEFAULT_SCHEMA = dbo;
Go
EXEC sp_addrolemember 'db_owner', 'NT AUTHORITY\NETWORK SERVICE'
You said it worked fine when you were using SQL Express edition. By default express editions create a named instance & run in NT Authority\Network Service.
SQL Server STD by default install a default instance & run in NT Authority\SYSTEM.
Do you have both the full SQL edition & Express edition installed on the same machine?
It could be that somewhere the connection string still refers to the Named instance 'SQLEXPRESS' rather than the default instance created by the full version.
Also where is the connection string defined? In IIS or your code? Make sure that if defined in many places, all point to same SQL instance & database.
Also try looking at the detailed error present in the SQL Server error logs. The error logged in event log are not complete for secuirty reasons. This will also help you to know if the connection was made to the correct SQL Server.
Also make sure that the machine on which SQL is installed is accessible & IIS is trying to access the same machine. In my company sometimes due to wrong name resolution, the query fails since most of our computers have SQL installed & the query lands in the wrong SQL Server.
Make sure that the database exists in the SQL Server. The name displayed under databases in SQL Management Studio should match that in the connection string.
The SQL Server login required is DOMAIN\machinename$. This is the how the calling NT AUTHORITY\NETWORK SERVICE appears to SQL Server (and file servers etc)
In SQL,
CREATE LOGIN [XYZ\Gandalf$] FROM WINDOWS
The Best way is to create a user for your application and assign the permissions that are suitable for that user. Dont use 'NT AUTHORITY\NETWORK SERVICE' as your user it has its own vulnerability and it is a user that has permissions to so many things on the OS level. Stay away from this built in user.
I am using Entity Framework to repupulate my database, and the users gets overridden each time I generate my database.
Now I run this each time I load a new DBContext:
cnt.Database.ExecuteSqlCommand("EXEC sp_addrolemember 'db_owner', 'NT AUTHORITY\\NETWORK SERVICE'");
Make sure that the database is created. I got the same error when I applied the migration to the wrong project in the solution. When I applied the migration to the right project, it created the database and that solved the error.