Trusted connection problem

  • Thread starter Thread starter MuZZY
  • Start date Start date
M

MuZZY

Hi,

I wonder if someone can help me with the problem:
At work we have a network domain with a MS SQL Server box.
I am trying to connect to the server using ADO.NET in my asp.net page:

//----------------------------------------
SqlConnection con =
new SqlConnection( "Server=MYSERVER;Database=MYDATABASE;Integrated
Security=SSPI");

try
{
con.Open();
}
catch (SqlException ee) {return false;}
//-----------------------------------------

I have administrative rights on the domain, but when i try to connect i
get the exception. When i look in the ee.Message it says something like
"Access denied for user=null..."
So why i can't connect using trusted connection?
Do i need to set anything else as well?

By the way, IIS server i am using is on my machine and integrated
security is turned on there.
Also i don't have probelms connecting to the server thru Qyery Analyser
or Enterprise Manager using Windows Logon.

Any ideas would be highly appreciated!

Thank you in advance,
Andrey
 
MuZZY said:
Hi,

I wonder if someone can help me with the problem:
At work we have a network domain with a MS SQL Server box.
I am trying to connect to the server using ADO.NET in my asp.net page:

//----------------------------------------
SqlConnection con =
new SqlConnection( "Server=MYSERVER;Database=MYDATABASE;Integrated
Security=SSPI");

try
{
con.Open();
}
catch (SqlException ee) {return false;}
//-----------------------------------------

I have administrative rights on the domain, but when i try to connect i
get the exception. When i look in the ee.Message it says something like
"Access denied for user=null..."
So why i can't connect using trusted connection?
Do i need to set anything else as well?

By the way, IIS server i am using is on my machine and integrated
security is turned on there.
Also i don't have probelms connecting to the server thru Qyery Analyser
or Enterprise Manager using Windows Logon.

Any ideas would be highly appreciated!

Thank you in advance,
Andrey
Click to expand...


Update: That's exactly the excepton message:

"Login failed for user '(null)'. Reason: Not associated with a trusted
SQL Server connection."

I can't understand where the problem comes from...
 
Hi,

asp.net applications use aspnet local windows account (or networking service
on w2k3) and it won't work with integrated security.
Either use sql server security or change the <identity> node to run under
some other account.
 
Have you checked that ASP.NET is actually impersonating the caller? (for
example, you can check what's returned by WindowsIdentity.GetCurrent())

Also, if the client, the webserver and the database server are in 3 separate
computers, this won't work without making some changes. The problem is that
when you use integrated security, by default Windows will not allow
applications to pass security identities across computers for more than one
hop; so if you have 3 computers in your scenario (which is actually the
typical scenario), you can pass the identity from the client computer (where
the browser is running) to the web server, but then you cannot do another
hop from there to the database.

There is a mechanism called "delegation" that enables you to do that, but
requires specific configuration steps. You can find more information at
http://support.microsoft.com/default.aspx?scid=kb;en-us;810572

--
Pablo Castro
Program Manager - ADO.NET Team
Microsoft Corp.

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Back
Top