I have created a custom aspx page within my Sharepoint site with a SQL Server connection to a database on that server to select data. When I view the page it works, but when another user tries to view it it gives the following error :
Server Error in '/' Application.
Login failed for user 'GRINCOR\GuguK'.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: Login failed for user 'GRINCOR\GuguK'.
Can someone give me a solution to this problem? I am using Sharepoint Services 3.0.
From what I can see you can't login on your Database.
Login failed for user 'GRINCOR\GuguK'
This means that the user with Name Guguk can't login.
Maybe you're using Integrated security in your connection string and perhaps you should go with specified credentials instead of having to grant every user who might access the page with permissions in the database.
I would do following:
Create an Active Directory Group with all users that should have access to the SharePoint Site
Add this Group to the SharePoint Site with appropriate privileges (Member)
Add this Group to the MS SQL Server database with appropriate privileges (db_writer?)
I have not tested but I think it should work. It also simplifies the management of the users because you have a central point where you manage users (Active Directory)
Granting Access to a SharePoint page is completely different then granting access to a database.
For the sharepoint page, you have to modify user privileges under "people and groups". Since you mentioned this is a completely custom aspx page, I'm assuming you have it in the _layouts folder in which anybody who has access to your sharepoint site already has permissions to view the page.
For your database, I agree with above. Create a SQL user and use that user in the connection string to the database. This way, no matter who logs into sharepoint they will be using your sql user as credentials for database information.
Related
I've developed a website which connects to a SQL Server 2012 instance. This works fine in my development environment. However, when trying to deploy to a production environment, the page returns the following error:
Server Error in "/theapp" Application.
Invalid User Account
Description: an unhandled exception occured during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code
Exception Details: System.Data.SqlClient.SqlException: Invalid User Account
screen shot of stack trace
I am struggling to find any documentation regarding this on the Internet; is there anyone who might know where I can start looking for a resolution?
Thanks kindly!
Update (4/7/2016 # 3:18pm): The service account is a domain account which has correct permissions on the database. In addition, the same account is used by another website to connect to the same database, and this works fine.
Update (5/7/2016 # 10:16am): The only thing I can think of is something to do with the usage of LINQ to SQL queries within the application. Does this sound like a possible cause?
As the error says, the credentials you are using to connect to sql server are incorrect.
Make sure you are using correct credential viz. user name and password in your connection string. You can check it by logging on to sql server instance from these credentials.
If you are using integrated security, i.e. windows authentication, verify if the user have given permission on sql.
When you pass Windows authentication through a website, the identity of your app pool is the user credentials that are supplied. Be sure your app pool for the site is set to use the same user as you expect in the identity of the app pool. Also, be sure integrated security is set to SSPI, not true, in the connection string.
i publish an mvc3 application on a webserver IIS7 and i want to connect my application with a remote SQL server ( different machine)
here is my connection string:
connectionstring="server=server;database=db;user Id=user;password=psw;user instance=false" providername="System.Data.SqlClient"
i m using entityframework.
i also added the user in the connectionstring to security folder under database in sql management studio with dbo rights.
the problem is i get an error : failed to open a session for the user
SQL exception (0x80131904)
Have you checked the user mapping for the login?
You can find the logins under the server folder security -> logins.
Check there is a login mapped to the database user. Select the appropriate login -> properties -> user mapping tab.
The fact that a user exists in a database, does not directly mean that there is a valid login associated with that user. Ensure that a login maps to the database user and that the user has the required database role.
After hours of research i just figure out that adding the whole groupe of computers (Domain\Computers) granted me the access to the database. i changed my connectionstring to use integrated security= sspi. From the beginning it was a Connection problem.
I having the following error message:
Cannot open database "SmallBakery" requested by the login. The login failed. Login failed for user 'IIS APPPOOL\MyAppPool'
How can correct this? I am using windows 7 Enterprise Edition and Sql server 2012.
If you don't change, each app pool has it's own identity. In your case, just add a new user to your database SmallBakery with the name IIS APPPOOL\MyAppPool using SQL Management Studio. You find the users list in the "Security/Users" subnode of your database. This should look something like that:
For testing, let the user be member of the db_owner role. If that works, remove this role and just let it be member of db_datareader and db_datawriter.
This way, each app pool (perhaps each website, if they all use their own app pool) only has access to the corresponding database.
It depends on how you want to authenticate in your app. Are you trying to use impersonation in your app?
What's happening right now is the identity of your app pool in IIS is getting passed when trying to access the database. You can change the identity of your app pool to be something that has access to the database or you could change your connection string to use a specific login instead of integrated security.
Check this post out. Your problem sounds similar to one I was running into, with the same exact error message.
http://blogs.msdn.com/b/sqlexpress/archive/2011/12/09/using-localdb-with-full-iis-part-2-instance-ownership.aspx
Like others said so far you need to take your app pool system user (IIS AppPool\myapppool) and add it as database user for that database with appropriate permissions.
Note that this will work just find on your IIS/Server but if you plan on migrating application to a different IIS/Sql server it will require changes in both SQL Server and IIS. I’d suggest you also consider sql server authentication – it may be more convenient for your specific case.
In my case these steps lead me to successfully handle this error.Hope it will help you also
I have a Website and it works fine locally (when I run it using MS Visual Studio 2010), but When I uploaded it on the Web, it gives me this error message!
So, please what should I do to fix this problem?
Many thanks.
Look at the authentication information in your connection string. Whatever user is trying to access the database, make sure they have permission.
Posting the connection string stored in ATRProDBConnStr might give more insight as well.
So, please what should I do to fix this problem?
You should check the permissions between the web application and the SQL server.
Is the connection string correct (providing the correct user credentials for the application)?
Does the production database have grant the same permissions to the application's database user as the local database?
If the application doesn't use credentials, does the database grant the same permissions to the server's web application user as it does the local application user?
The error is basically SQL server telling you that your application isn't allowed to perform an action on the database. The application works fine (except for the lack of error handling which generated this page), it just needs permissions on the SQL server.
I'm trying to set up SSRS 2008 on my desktop machine for development purposes.
The following is working fine:
Report deployment on local server
Previewing the report in BIDS
Access to htpp://localhost/Reports panel
But when I point the ASP.NET Reportviewer to the Report URL, I get the following error:
The permissions granted to user 'NT-AUTHORITY\NETWORKSERVICE' are insufficient for performing this operation. (rsAccessDenied)
How can I get around this error? Is there any dialog where I can grant SSRS access rights to certain forms authentication roles? I've googled quite a bit on this, but what I have found so far was either outdated or quite confusing.
Edit: Several users of my web app are going to have access to the same database, so I need the UserID build-in field (User!UserID) to reflect the user's Forms authentication ID. I guess the only way to achieve this is making SSRS work with forms auth?
You web application is running as Network Service so that is the user you are trying to connect to Report Server as. You have several options. One, you can grant Network Service permission to execute the report you are trying to run. Two you can have your web application impersonate a windows user and give the correct users permission to the report. Three you can impersonate impersonate a different user when connecting to RS. I believe to do the last one you will have to write some extension code for the viewer to tell it how to impersonate before connecting, but for the other two there would be no code change.
You could also look into using Report Server in Forms auth mode if your web site is not an internal site, but this is more complicated.
EDIT for 2nd Question:
Yes, you will need each user to be unique when they access RS so you will need to use Forms Auth or windows auth or write your own custom authentication extension.