Login failed for user 'NT AUTHORITY\NETWORK SERVICE' - asp.net

I tried to open the website from a broswer. The project is deployed at an IIS server.
I am getting this exception:
Exception information:
Exception type: SqlException
Exception message: Cannot open database "TestDB" requested by the login. The login failed.
Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.
Any solution?

Your IIS application runs under the NT AUTHORITY\NETWORK SERVICE account
You can use Windows Authentication and Impersonation http://msdn.microsoft.com/en-us/library/aa292118%28VS.71%29.aspx
Use Windows Authentication and a fixed account (either by adding the NT AUTHORITY\NETWORK SERVICE account to SQL Server or by creating a new account for that purpose and configuring the application pool in IIS to use that account)
Or you can use SQL authentication with user name and password in the (possibly encrypted) connection string in the web.config

The service user account 'NT authority network service could not be created???
if you are facing issue while entering superuser
password
re-password
and you are using postgresql version --postgresql-10.16-1-windows then plz go for older version that is postgresql-10.15-1-windows

Related

Login Failed for user 'NT Authority\Anonymous Logon' with identity_impersonate = true

My application is hosted on IIS, where app pool is running with Built-in Account Network Service and Asp.Net impersonation is true for this website.
Website connects to sql server with Integrated Security = True
And all the required roles are provided in Web.config Allowed Roles.

ASP Error: SqlException (0x80131904): Login failed for user 'DOMAIN\MACHINENAME$'. When trying to launch ASP page

This had been working fine in our prior server Windows 2012. New server is 2019.
IIS Setup:
DefaultAppPool using ApplicationPoolIdentity as its identity.
Anonymous and Windows Authentication enabled.
Both prior and current server hitting same SQL Server.
When we try launching the ASP Page, we get this error:
SqlException (0x80131904): Login failed for user 'DOMAIN\MACHINENAME$'.
In other posts I've read that it could be the connection string Trusted Connection setting that is incorrect, but the connection string is built inside the page code and it's never changed.
We've also read that since ApplicationPoolIdentity uses NT AUTHORITY\NETWORK SERVICE as its user, then we'd need to add that service account to the SQL Server.
Again, it had been fine without it in the prior server. But just to try it, we added it to the User list as DB_OWNER in SQL Server.
But still get same error.
Connecting to the SQL server outside of this scenario is no an issue, we can get to it in SSMS and otherwise.
Any ideas and help appreciated!
Thanks
If you see a failure like this: Login failed for user 'DOMAIN\MACHINENAME$'. It means that a process running as NETWORK SERVICE or LocalSystem accessed a remote resource, authenticated itself as a machine account and was denied authorization. When access to the machine account is denied, the machine account must be granted access. If the server denies login to 'DOMAIN\MACHINE$', then you must grant login permission to 'DOMAIN\MACHINE$' instead of NETWORK SERVICE.

sql server 2008 Login failed for user 'NT AUTHORITY\NETWORK SERVICE'

I am trying to connect my website to my sql server 2008 r2 on windows server 2003 with .net framework 4
This is the connection string:
<add name="TestDbConnectionString"
connectionString="Data Source=(local);Initial Catalog=RESv5;integrated security=SSPI;"
providerName="System.Data.SqlClient" />
I got an exception, which is:
Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
I saw this question Login failed for user 'NT AUTHORITY\NETWORK SERVICE' and I tried to make a user named as NT AUTHORITY\NETWORK SERVICE but I still have the problem,
edit1
I have already tried to use a username and password. this is the connection string
<add name="TestDbConnectionString"
connectionString="Data Source=(local);Initial Catalog=RESv5;integrated security=SSPI;User Id=sa;Password=myPassword;"
providerName="System.Data.SqlClient" />
but still have the problem
You're using Windows authentication to enter the server, so it uses the Windows account access from the client to validate access/permissions. When in development, the "client" is really the VS development server, but when you deploy to a real web server, the "client" runs as another account, the one that is used to start the its service, NOT yours.
Often SQL Servers are configured at installation to allow yourself sysadmin access, but barely anything else to other users, that's why you get an access denied.
One option would be to use SQL authentication with user/password. Security-wise, this would be the best option if the same web server runs many websites (as they may be isolated from each other data's).
If you absolutely want to use Windows authentication, the real solution would be to give permissions to the built-in account NT AUTHORITY\NETWORK SERVICE at SSMS:
CREATE LOGIN [NT AUTHORITY\NETWORK SERVICE] FROM WINDOWS WITH DEFAULT_DATABASE=[RESv5]
GO
USE [RESv5]
GO
CREATE USER [NT AUTHORITY\NETWORK SERVICE] FOR LOGIN [NT AUTHORITY\NETWORK SERVICE]
GO
ALTER ROLE [db_owner] ADD MEMBER [NT AUTHORITY\NETWORK SERVICE]
GO
Try removing the integrated security=SSPI from the connection string, or set it to false. See below my successful login with sa user:
EDIT: Here is a detailed explanation, maybe it help you to find where you're wrong:
http://msdn.microsoft.com/en-us/library/ff648340.aspx
Your website is running under service account NETWORK_SERVICE in IIS, this is a computer user and can't access your SQL. To fix this you should set your website to use "identity impersonate=true" in your web.config. However if you are running this on the server you might lose the authenticated user in what's called a 'double-hop' where your IIS server cannot relay your authenticated user to the SQL server in another step (PC (1)-> IIS (2)-> SQL).
Milica Medic is correct in her answer but in your reply you specified a user "william" is this a SQL user or a windows user? If Windows user then this won't work, to relay windows users to SQL you need to do it in web.config (see 1. above). The sql connection assumes the user is a SQL user not windows user.
your attempt with username/password is close but you are still specifing Integrated Security=SSPI which tries to force windows user authentication to the SQL.
Try and make a connection string like this:
connectionString="Data Source=SQLSERVERINSTANCE;Initial Catalog=myDB;Persist Security Info=True;User ID=sa;Password=myPassword"

login failed for user nt/authority

I am trying to deploy my website and wcf runs in my localhost...if i login i.e use db i am gettin this error...Any idea wht the pblm would be ?
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
Few months ago I had also faced the same kind of problem. This occurred because by default the database connection string uses a trusted connection and When a client is accessing SQL Server via a trusted connection the database you are accessing might have a trusted connection account within the userlist with db_owner rights to the target database.Here are the steps to remove the error.
Here is the SOLUTION for the problem:
Its very simple, just you need to add a new user instead of the previous user for your database.
For example: I had a database named CRM having user crm. I created a new user for my database CRM as kos.
Here are the steps to do so:
Open your SQL Server Management Studio.
Click on the database node and then the Security node->Logins.
For further visit: http://kopila.com.np/login-failed-for-user-in-asp-net.html
This looks to me like you're using Windows Authentication when the account that the ASP net process is running under doesn't have access to the sql server.

Login failed for user 'NT AUTHORITY\NETWORK SERVICE'

I been strugling with this for 2 days now without comming any closer to solution. I have read 20-30 threads alteast and stil can not resolve this.
Please help me out.
I have disable anonymous authentication, enable asp.net impersonation.
I have added <identity impersonate = "true" />
I have added the a user to the security logins that is connected to the database I try to connect to
This is the connectionstring I use:
Data Source=IPTOSERVER;Initial Catalog=Phaeton;User Id=User;Password=Password;
errormessage:
Cannot open database "Phaeton.mdf" requested by the login. The login failed.
Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.
I was experiencing a similar error message that I noticed in the Windows Event Viewer that read:
Login failed for user 'NT AUTHORITY\NETWORK SERVICE'. Reason: Failed to open the explicitly specified database. [CLIENT: local machine]
The solution that resolved my problem was:
Login to SqlExpress via SQL Server Management Studio
Go to the "Security" directory of the database
Right-click the Users directory
Select "New User..."
Add 'NT AUTHORITY\NETWORK SERVICE' as a new user
In the Data Role Membership area, select db_owner
Click OK
Here's a screenshot of the above:
The error message you are receiving is telling you that the application failed to connect to the sqlexpress db, and not sql server.
I will just change the name of the db in sql server and then update the connectionstring accordingly and try it again.
Your error message states the following:
Cannot open database "Phaeton.mdf" requested by the login. The login failed.
It looks to me you are still trying to connect to the file based database, the name "Phaeton.mdf" does not match with your new sql database name "Phaeton".
Hope this helps.
If the error message is just
"Login failed for user 'NT AUTHORITY\NETWORK SERVICE'.", then grant
the login permission for 'NT AUTHORITY\NETWORK SERVICE'
by using
"sp_grantlogin 'NT AUTHORITY\NETWORK SERVICE'"
else if the error message is like
"Cannot open database "Phaeton.mdf" requested by the login. The login
failed. Login failed for user 'NT AUTHORITY\NETWORK SERVICE'."
try using
"EXEC sp_grantdbaccess 'NT AUTHORITY\NETWORK SERVICE'"
under your "Phaeton" database.
I liked Jed's solution but the issue with that was every time I built my project in debug mode, it would deploy my database project and removed the user again. so I added this MySQL script to the Post-Deployment script.
it practically does what Jed said but creates the user every time I deploy.
CREATE USER [NT AUTHORITY\NETWORK SERVICE]
FOR LOGIN [NT AUTHORITY\NETWORK SERVICE]
WITH DEFAULT_SCHEMA = dbo;
Go
EXEC sp_addrolemember 'db_owner', 'NT AUTHORITY\NETWORK SERVICE'
You said it worked fine when you were using SQL Express edition. By default express editions create a named instance & run in NT Authority\Network Service.
SQL Server STD by default install a default instance & run in NT Authority\SYSTEM.
Do you have both the full SQL edition & Express edition installed on the same machine?
It could be that somewhere the connection string still refers to the Named instance 'SQLEXPRESS' rather than the default instance created by the full version.
Also where is the connection string defined? In IIS or your code? Make sure that if defined in many places, all point to same SQL instance & database.
Also try looking at the detailed error present in the SQL Server error logs. The error logged in event log are not complete for secuirty reasons. This will also help you to know if the connection was made to the correct SQL Server.
Also make sure that the machine on which SQL is installed is accessible & IIS is trying to access the same machine. In my company sometimes due to wrong name resolution, the query fails since most of our computers have SQL installed & the query lands in the wrong SQL Server.
Make sure that the database exists in the SQL Server. The name displayed under databases in SQL Management Studio should match that in the connection string.
The SQL Server login required is DOMAIN\machinename$. This is the how the calling NT AUTHORITY\NETWORK SERVICE appears to SQL Server (and file servers etc)
In SQL,
CREATE LOGIN [XYZ\Gandalf$] FROM WINDOWS
The Best way is to create a user for your application and assign the permissions that are suitable for that user. Dont use 'NT AUTHORITY\NETWORK SERVICE' as your user it has its own vulnerability and it is a user that has permissions to so many things on the OS level. Stay away from this built in user.
I am using Entity Framework to repupulate my database, and the users gets overridden each time I generate my database.
Now I run this each time I load a new DBContext:
cnt.Database.ExecuteSqlCommand("EXEC sp_addrolemember 'db_owner', 'NT AUTHORITY\\NETWORK SERVICE'");
Make sure that the database is created. I got the same error when I applied the migration to the wrong project in the solution. When I applied the migration to the right project, it created the database and that solved the error.

Resources