Use Domain User to Authenticate SQL from IIS

Question

0.00/5 (No votes)

See more:

I have this SQL Server instance which has different write/read permission for different Domain Users (Groups) in my LAN.
Currently, I am developing an Intranet ASP.NET Application which uses Windows Authentication.
But, When I tried to connect the SQL through Application, It shows this error

Login failed for user 'DOMAIN\SERVER_NAME$'.

Can I use the same logged in Domain permission to connect the SQL Server,
or Can I log in to the SQL Server without switching on 'SQL Server Authentication' on my SQL Server ?

Posted 9-Mar-15 3:59am

Yesudass Moses

Add a Solution

Comments

[no name] 9-Mar-15 10:05am

Which authentication are u used? and ur connection string?

Yesudass Moses 10-Mar-15 1:20am

Windows Authentication..
and, the connection string is ::
"data source=SQL-SERVER;Integrated Security=SSPI;Initial Catalog=DB_NAME;"

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Richard Deeming · Answer 1 · 2015-03-09T04:20:00

You need to enable impersonation:
Using IIS Authentication with ASP.NET Impersonation[^]

XML

<configuration>
  <system.web>
    <identity impersonate="true" />
  </system.web>
</configuration>

If SQL is not on the same server as IIS, you will need to perform additional configuration - in particular, make sure the IIS server is trusted for delegation, and that you're using Kerberos instead of NTLM.

Checklist for Double Hop issues {IIS and SQL Server}[^]
How To: Connect to SQL Server Using Windows Authentication in ASP.NET 2.0[^]

Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'[^]

Ensure your Application server is set as Trusted for Delegation. Ensure in IIS that Anonymous Authentication is disabled and Windows Authentication is enabled, if using Windows 2008, enable ASP.Net Impersonation also. If using Windows 2008 and your app pool is running under Network Service then goto Advanced settings of Windows Authentication and turn Kernal Mode off. Set yourDomain\yourAppServer$ to have read access to the ASP.Net application folder.

If you still can't get it to work, you might need to switch from Windows to Basic authentication:

How to: Access SQL Server Using Windows Integrated Security[^]

In IIS, only Basic Authentication logs users on with a security token that flows across the network to a remote SQL server. By default, other IIS security modes used in conjunction with the identity configuration element settings will not result in a token that can authenticate to a remote SQL Server.