can anyone help me on connection strings using custom service account.
I have gone through the MSDN guidance on connect to SQL Server using Windows authentication
but somehow unable to figure out how to get the custom service account to work.
My connection string is as follows:
<add name="GTR.MDFConnectionString" connectionString="Server=SGDB3;Database=GTR;Trusted_Connection=Yes;"/>
Have also created the an app pool successfully using the custom service account as identity and checked the application is running under this new app pool.
In the SQL server 2008r database, i have also added the custom service account as a new login to my database GTR with read write access roles
However, when my ASP.NET web application runs and access the database, it throws a login failed sqlexception referencing my personal domain ID and not my custom service ID.
"Cannot open database "GTR" requested by the login. The login failed.
Login failed for user 'ryan'."
Custom service id: SGImport
My domain id: ryan
Can anyone please guide me on whats wrong and how i should get the web application to connect to database as the custom service account and not the user account?
Related
I have an asp.net application running in IIS using the account which has access to my database. With windows authentication, I am able to log into this account in sql server manager and other things. In my connection string, I have Integrated Security=true, and the error message I get when loading a page using this connection string references the correct user. (Not 'IIS APPPOOL\ect...' like all the other instances of this question I have found on SO). Is there something else that can cause this issue? I just dont understand why I am able to log in with the same windows account in other applications.
I have created a website using ASP.net with simple data connection which is working fine in localhost. when I want to publish the same, I am getting this error. "Cannot open database "Abcdb" requested by the login. The login failed. Login failed for user 'XYZ-Domain\XYZ-SVR-01$'.
I don't have the user 'XYZ-Domain\XYZ-SVR-01$' in my SQL Server (SQL Express 2012).
I have my server in a virtual machine .
my connection string is "Data Source=XYZ-05-VM1\SQLEXPRESS;Integrated Security=True;Initial Catalog=Abcdb".
do I have to create a user in my database as shown above or else can I use existing database user. I am very new to this technology. Kindly help me.
Try it
<connectionStrings>
<add connectionString="Data Source=.\SQLEXPRESS;Initial Catalog=Abcdb;Integrated Security = SSPI" providerName="System.Data.SqlClient" />
</connectionStrings>
The error means that the server could be reached and the database name is correct. The problem is that the login is invalid.
From the login name I suppose that you have set Integrated Security=SSPI in your connection string and therefore try to authenticate with the account that your application is running under at the SQL Server. On your development machine, this is your user account that on a typical developer machine will be granted high access rights to the local SQL Server.
After you have deployed your application to IIS, it will run in an AppPool that is basically a process under a specific user account (the AppPool account). You need to grant this user account access to the database. In your case, this account is the Network Service account of the server you have your application deployed to. So you need to either grant the Network Service account access to the database or follow this - cleaner - approach:
Create a new Service account in your domain that is dedicated to your application.
Configure your AppPool to run under this account. Assert that the account has the minimum amount of access rights on the server that is possible.
Grant this account access to your database.
If you want to check the database connection settings, have a look at the connectionStrings section in your web.config. This link shows the available settings for SQL Server.
i publish an mvc3 application on a webserver IIS7 and i want to connect my application with a remote SQL server ( different machine)
here is my connection string:
connectionstring="server=server;database=db;user Id=user;password=psw;user instance=false" providername="System.Data.SqlClient"
i m using entityframework.
i also added the user in the connectionstring to security folder under database in sql management studio with dbo rights.
the problem is i get an error : failed to open a session for the user
SQL exception (0x80131904)
Have you checked the user mapping for the login?
You can find the logins under the server folder security -> logins.
Check there is a login mapped to the database user. Select the appropriate login -> properties -> user mapping tab.
The fact that a user exists in a database, does not directly mean that there is a valid login associated with that user. Ensure that a login maps to the database user and that the user has the required database role.
After hours of research i just figure out that adding the whole groupe of computers (Domain\Computers) granted me the access to the database. i changed my connectionstring to use integrated security= sspi. From the beginning it was a Connection problem.
I'm trying to publish an asp.net website on a remote server. When my code tries to connect to the database, I get the error message described in the question title. Now, I've gone into the Microsoft SQL Server Management Studio for SSE 2008 and can see the list of logins. NT AUTHORITY\NETWORK SERVICE is there, but I'm not sure what settings I need to change to allow this user to access the database. I've tried using impersonation in my web.config file using the windows login credentials for the server, but that just brings up the same error message, with my windows username instead of NETWORK SERVICE.
My connection string is as follows:
connectionString="Data Source=MECHTRONICRND\SQLEXPRESS;Initial Catalog='C:\Inetpub\aspnettest\App_Data\FLEETMANAGERDB.MDF';Integrated Security=True"
Any ideas?
Thanks
--Amr
Thanks for your replies. After looking at this tutorial, I found out how to allow users access to a database. Once I had allowed NETWORK SERVICE read and write access to the database, my website worked fine with the original connection string.
--Amr
Your connection string should be:
"Data Source=MECHTRONICRND\SQLEXPRESS;Initial Catalog=FLEETMANAGERDB;Integrated Security=True"
Also, this is trying to connect to the database as the account that's used by the web server. You could run the web service (configure IIS accordingly) as a domain user, and then create a login and database user for that account. Otherwise, you will have to create a database user (in FleetManagerDB) for the Network Service account, which isn't recommended. Or yourself if you are impersonating yourself.
Here is the scenario:
IIS 6 and SQL Server 2005 on same machine:
I have just created a new application inside of my main website in IIS.
The root website has its own database. The application I just created under the root site has its own database, as well.
ASP.net pages in the root site connect to their database using trusted security. This web site is running in the default app pool which uses Windows' Network Service account.
The new application I just created is using that same app pool.
I added the network service account to the new application's database's users and granted db_owner, just like the root site's db is set up. When I try to run my new application I get this error:
Login failed for user ''. The user is not associated with a trusted SQL Server connection.
When I switch the new app's connection string to use the sql server sa account, it works. I do not want to use the SA account.
I cannot figure this out! Please help.
By default IIS will try to use an ASPNET account which needs to be granted access to SQL Server. I don't have a setup anymore to describe this but the following link offers a couple of solutions:
bytes.com/groups/net-asp/290050-setting-up-integrated-security-sql-server
Sounds like the database is expecting SQL Authentication instead of Windows Authentication.
In that case you have to add the login as a user to the database you want to use and give the appropriate permissions