I have a strange problem setting up my webapplications. I have a clean webserver machine where I have two web applications. One is a asp.net application while the other is a silverlight application. Both should use the same database hosted on an external db server.
My problem is that while my asp.net application is working as it should my silerlight application is not even loaded. Loads for about a minute (No silverlight loading indicator) before I get the Internet Explorer cannot display the webpage with following information:
•Internet connectivity has been lost.
•The website is temporarily unavailable.
•The Domain Name Server (DNS) is not reachable.
•The Domain Name Server (DNS) does not have a listing for the website's domain.
•There might be a typing error in the address.
•If this is an HTTPS (secure) address, click Tools, click Internet Options, click Advanced, and check to be sure the SSL and TLS protocols are enabled under the security section.
If I change my connectionstring in web.config for the silverlight application to connect to the test db server (also external) it works fine.
This tells me that the applications should be configured correctly?
connectionstring : <add name="myConn" connectionString="Data Source=prod_server;Initial Catalog=mydb;Persist Security Info=True;User ID=myusername;Password=mysecretpassword" providerName="System.Data.SqlClient"/>
They are running in the same application pool. I have also tried setting them up in separate applicationpools with no luck.
Fiddler reports an 504 error, but why does my web application work? This IIS 7.5
Hope someone can help
Solved it. Was a db update that timed out. Some developers should learn to use logging!
Related
I am trying to run a django website which connects to a SQL Server, using IIS with Windows authentication.
IIS server and SQL server are on different machines under the same domain i.e., iis_machine.example.com and sql_machine.example.com
What I'm trying to achieve:
Impersonate the remote user accessing the django website hosted on
IIS, so his Windows credentials are passed to SQL Server for
authentication.
What I tried so far:
Added this to my web.config file for impersonation
<system.web>
<identity impersonate="true" />
</system.web>
Enabled Windows authentication and set up Application Pool (django_web) for django website as shown below
This is what my Authentication for django website looks like in IIS
This is what my Application Pool for django website looks like in IIS
Added IIS APPPOOL\django_web to SQL Server Security\Logins
Result:
When I access the django website, IIS prompts the user for his
Windows credentials and I can successfully login
If user tries to access SQL Server after logging in
Case a. IIS, SQL Server are on the different machines: SQL server authentication fails with
"Login failed for user 'domain\MACHINENAME$'
Case b. IIS, SQL Server are on the same machine, SQL server authentication is successful but authentication credentials used are IIS APPPOOL\django_web not domain\remote_user
I understand that there is some Kerberos trickery involved with this setup. Unfortunately, I'm only a programmer and not very familiar with how Kerberos works. If someone experienced in this domain, could shed some light on how this setup would work, that'd be really appreciated. Thanks!
I am using:
IIS 10 SQL
Server 2014
django 2.0.7
Python 3.6.5
Windows 8/10
I'm trying to host my website in Windows Server 2012, I've configured everything and placed my site folder in wwwroot, when I launch from the IIS as a localhost I get this error at start,
Cannot open database "rental_db" requested by the login. The login failed.
Login failed for user 'IIS APPPOOL\mysitename.com'.
I've used Windows Authentication to login in sql server and I can access it properly. I'm not sure what is actually causing the problem. Here is the connection string code of web.config,
<add name="rental_dbEntities" connectionString="metadata=res://*/Models.rentalModel.csdl|res://*/Models.rentalModel.ssdl|res://*/Models.rentalModel.msl;provider=System.Data.SqlClient;provider connection string="data source=MYSERVER2012\SQLINSTANCENAME;initial catalog=rental_db;integrated security=True;MultipleActiveResultSets=True;App=EntityFramework"" providerName="System.Data.EntityClient" />
Note: I've shifted my published project folder from my desktop to server. Why is this happening?
You need create on your IIS App_Pool with the same name, and create in your SQL Server the user with all privileges.
My projects folder is on a network drive, and I'm running Windows 8.1. If I create a brand new web site in Visual Studio 2013 that consists entirely of a single static file, test.js, and launch it using the IIS Express 8.5 that came with visual studio, I am able to view the contents of that file in my browser.
But, if I then go into Web.Config and turn on Windows Authentication using the code below, that same path now becomes a 404.0 error.
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false"/>
<windowsAuthentication enabled="true"/>
</authentication>
</security>
</system.webServer>
If, however, I follow this same procedure on a local path, it works just fine. It also works if I open the site in Visual Studio 2010 and run it with the ASP.NET Development Server.
Since it is Windows 8, which prevents other users (and by extension anything running as Administrator) from seeing my network drives, one possibility that occurred to me was that IIS might elevate itself when I turn on Windows Auth, but according to the task manager the IIS worker process is still running as me.
So far, I have tried:
Switching to a "Classic" app pool so that I can turn on on <identity impersonate="true"/>. (had no effect)
Changing the physicalPath of the <virtualDirectory/> to the UNC path of the share. (changes the error to 401.3, not authorized)
Giving Everyone full control of the folder on the file server. (had no effect)
Changing the default <processModel /> so the app pools run as me. (no effect)
One thing that has worked is giving "Everyone" access to the share itself, but for obvious security reasons I can't leave it like that. This also only solves the problem with physicalPath set to the UNC path (which Visual Studio likes to overwrite).
How can I get Windows Authentication to work on IIS Express without it trying to access my networked files as a different user?
Is your computer a member of a domain? Perhaps it's your browser set to autologin using windows credentials for all intranet sites. You can turn this off in Internet explorer and force it to prompt for the user id and password. In internet explorer go to tools, internet options, security, click Local Intranet, then click the Custom Level button at the bottom. Scroll all the way to the bottom of the settings list and change the Logon option from Automatic Logon to Prompt for user name and password. Then it should prompt for login the next time you go, and login using an account you know has access.
I've been trying to resolve this question for a couple weeks now via Google and reading SO, and not had much luck, so I thought I'd finally try asking myself.
I'm setting up a very, very simple ASP.NET site on our intranet to generate some information for internal users. I'm using Windows authentication, rather than anonymous access, because based on what user hits the site I will be generating different information.
Long story short, this works perfectly in testing on my local Windows 7 machine where I developed the application. However, from the Windows 2008 R2 server where I want it to reside, when I hit the site I get a pop-up asking for my credentials, and even if I enter them it asks me for them again and again. This happens regardless if I'm hitting the site remotely or locally. If I try using anonymous access I can reach the site both ways but as I cannot identify the user I cannot generate the information I would like to provide.
Notes:
In IIS, I have Windows Authentication and ASP.NET Impersonation
enabled for the site. Everything else is disabled.
For the sake of figuring it out, I currently have the web.config set to allow all users and am not denying any.
The host/URL I'm using for it is toolName.organization.local
I was concerned that it was an issue of the 2008 R2 server admin user residing in a different domain then my remote user that I was testing with but again it does not work locally either.
In the AppHost file, I currently have windowsAuthentication enabled.
<windowsAuthentication enabled="true">
<providers>
<add value="Negotiate" />
<add value="NTLM" />
</providers>
</windowsAuthentication>
Admittedly, I typically use forms authentication on this server for all of our other internal sites so I'm a bit new to windows authentication and this issue. At this point I'm just not sure what to try or check next, so any advice would be helpful. Thanks.
I know this is a slightly old topic, but I had this exact same problem. Turns out I had the AppPool using Identity: ApplicationPoolIdentity instead of NetworkService. Once I switched that (under Advanced Settings in IIS7.5) I no longer got the server prompting for additional credentials and the pass-through worked perfectly.
Hope that helps!
First, you should realize that Windows passthrough authentication only works with Internet Explorer, and then only if the site is in the trusted sites, or intranet sites security group. Firefox, Chrome, etc.. will always prompt for credentials.
Having said that, you have a couple of issues.
You should have an <authentication mode="Windows" /> element in your web.config
You should decide if you want the app to run in the context of the user, in which case you would also need an <identity impersonate="true"/> tag. If not it should be false (although this is the default).
You do not need to have any authorization rules in your web.config if the site itself is completely guarded by windows authentication.
Just in case it's helpful, the problem for me was that I had left my application pool in Classic mode, in order to try to use NTFS permissions. I never got that to work, but once I switched it back to Integrated mode, I could use <allow> and <deny> tags to configure specific users' access.
I am working on an ASP.NET application and am trying to add user authentication. As a first step, I am using the Web Site Administration tool (Website | ASP.NET Configuration) to manage users and permissions.
Accessing this website is incredibly slow. To load the main page takes 30 seconds. When navigating to the Security page (also 30 seconds), I am presented with this error:
I have authentication mode set to "Forms" in the web.config file.
There is a problem with your selected data store. This can be caused by an invalid server name or credentials, or by insufficient permission. It can also be caused by the role manager feature not being enabled. Click the button below to be redirected to a page where you can choose a new data store.
The following message may help in diagnosing the problem: Unable to connect to SQL Server database.
It asks me to run "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe", which also gives me an error message.
How do I fix these problems with speed and enabling security/users?
The issue that you are getting is due to an invalid SQL Server connection, you can setup the SQL Server connection in the web.config, once it is able to actually connect to the database, it will perform in the proper manner.
EDIT below is the code needed in web.config to setup the new connection
<connectionStrings>
<clear />
<add name="LocalSqlServer" connectionString="server=yourservername;database=somedatabasename;etc..." />
</connectionStrings>