The webserver ASPNET account may not be properly mapped with Server2(SQL).
Just delete the ASPNET acocunt in sql server, and create a Nt Account like
Server1\AspNet (Not a SQL serve account).
if nothing is working create a new Account in Webserver and assign to Worker
process account and refer the same account in Sql Server too.
Regards,
Govind.
"DC Gringo" wrote:
> Using latest SP Win2k and .NET versions, I have a .NET application running
> on server1 with a SQL Server database running on server2. I have the
> Windows user account passwords sync'd for server1\aspnet (installed by .NE
T
> Framework and server2\aspnet (created by me--this machine has no .NET
> Framework on it). The aspnet user on the database server (server2) has
> access to the database.
> I still get: Login failed for user '(null)'. Reason: Not associated with
a
> trusted SQL Server connection.
> IIS is set to Windows Integrated Authentication...although same result wit
h
> Anonymous, with and without IIS controlling password that I enter.
> --
> Here's my connection string:
> Me.SqlConnection1.ConnectionString = "workstation id=""CIL-094"";packet
> size=4096;integrated security=SSPI;data source=""myserver"";persist securi
ty
> info=False;initial catalog=mydb;"
>
> --
> Here's my web.config:
> <?xml version="1.0" encoding="utf-8" ?>
> <configuration>
> <system.web>
> <compilation defaultLanguage="vb" debug="true" />
> <customErrors mode="Off" >
> <error statusCode="404" redirect="~/errors/missingPage.aspx" />
> </customErrors>
> <authentication mode="Windows" />
> <authorization>
> <allow users="*" /> </authorization>
> <trace enabled="true" requestLimit="10" pageOutput="true"
> traceMode="SortByTime" localOnly="true"/>
> <sessionState
> mode="InProc"
> stateConnectionString="tcpip=127.0.0.1:42424"
> sqlConnectionString="data source=127.0.0.1;"
> cookieless="false"
> timeout="20"
> />
> <globalization requestEncoding="utf-8" responseEncoding="utf-8" />
> </system.web>
> </configuration>
> --
> _____
> DC G
>
>The most common answer is to run your web app under a domain account and
give that domain account access to SQL Server.
I have tried to use this "mapping of a local account" before. It only works
if both the account name and the password are the same on both machines.
Since the ASPNET account's password is managed by IIS, and changed on a
regular basis, it would be an unusual event to sync the ASPNET account.
Good Luck
-- Nick
"Govind" <Govind@.discussions.microsoft.com> wrote in message
news:AD9D9A50-2323-41F5-8987-F42DEFF51148@.microsoft.com...
> The webserver ASPNET account may not be properly mapped with Server2(SQL).
> Just delete the ASPNET acocunt in sql server, and create a Nt Account like
> Server1\AspNet (Not a SQL serve account).
> if nothing is working create a new Account in Webserver and assign to
Worker
> process account and refer the same account in Sql Server too.
> Regards,
> Govind.
>
> "DC Gringo" wrote:
>
running
.NET
with a
with
security
Nick,
I have been using the "mapping of a local account" without a problem for
quite awhile now. Why do you say that they ASPNET account's password would
be changed on a regular basis?
I have manually set the ASPNET account's password on our web server and
hardcoded it (in clear text) in the machine.config (granted this may not be
the most secure thing), but why would IIS ever change it?
I have also created a local ASPNET user on our SQL box with matching
password. Works fine.
I chose not to go with a domain account simply because I did not fully
understand (and still don't) what all permissions I would need to apply to
that account on our webserver to mimick the default ASPNET user.
Greg
"Nick Malik" <nickmalik@.hotmail.nospam.com> wrote in message
news:JFeZc.103692$mD.57229@.attbi_s02...
> The most common answer is to run your web app under a domain account and
> give that domain account access to SQL Server.
> I have tried to use this "mapping of a local account" before. It only
works
> if both the account name and the password are the same on both machines.
> Since the ASPNET account's password is managed by IIS, and changed on a
> regular basis, it would be an unusual event to sync the ASPNET account.
> Good Luck
> -- Nick
> "Govind" <Govind@.discussions.microsoft.com> wrote in message
> news:AD9D9A50-2323-41F5-8987-F42DEFF51148@.microsoft.com...
Server2(SQL).
like
> Worker
> running
> .NET
has
> with a
> with
id=""CIL-094"";packet
> security
>
I misspoke and I offer my apologies. ASPNET password is not known to the
end user, but it is not managed by IIS either.
You do have to change it so that you will know what it is.
You do agree, though, that the username and password for the local accounts
must be the same on both machines, yes?
The correct steps for creating a local account to run ASP.NET are described
here:
http://msdn.microsoft.com/library/d...
d15.asp
Including all the details of what privileges are required at a minimum.
A good blog that provides a FAQ for ASP NET security is:
http://blogs.bartdesmet.net/bart/ar...2004/07/31.aspx
HTH,
-- Nick
"Greg Burns" <greg_burns@.DONT_SPAM_ME_hotmail.com> wrote in message
news:%23M9TBrIkEHA.3612@.TK2MSFTNGP12.phx.gbl...
> Nick,
> I have been using the "mapping of a local account" without a problem for
> quite awhile now. Why do you say that they ASPNET account's password
would
> be changed on a regular basis?
> I have manually set the ASPNET account's password on our web server and
> hardcoded it (in clear text) in the machine.config (granted this may not
be
> the most secure thing), but why would IIS ever change it?
> I have also created a local ASPNET user on our SQL box with matching
> password. Works fine.
> I chose not to go with a domain account simply because I did not fully
> understand (and still don't) what all permissions I would need to apply to
> that account on our webserver to mimick the default ASPNET user.
> Greg
>
> "Nick Malik" <nickmalik@.hotmail.nospam.com> wrote in message
> news:JFeZc.103692$mD.57229@.attbi_s02...
> works
> Server2(SQL).
> like
the
by
.NET
> has
result
> id=""CIL-094"";packet
>
> You do agree, though, that the username and password for the local
> accounts
> must be the same on both machines, yes?
Most definately.
> http://msdn.microsoft.com/library/d...d15.as
p
Great link!
Thanks,
Greg
"Nick Malik" <nickmalik@.hotmail.nospam.com> wrote in message
news:DNDZc.276086$eM2.75113@.attbi_s51...
>I misspoke and I offer my apologies. ASPNET password is not known to the
> end user, but it is not managed by IIS either.
> You do have to change it so that you will know what it is.
> You do agree, though, that the username and password for the local
> accounts
> must be the same on both machines, yes?
> The correct steps for creating a local account to run ASP.NET are
> described
> here:
> http://msdn.microsoft.com/library/d...r />
mod15.asp
> Including all the details of what privileges are required at a minimum.
> A good blog that provides a FAQ for ASP NET security is:
> http://blogs.bartdesmet.net/bart/ar...2004/07/31.aspx
> HTH,
> -- Nick
> "Greg Burns" <greg_burns@.DONT_SPAM_ME_hotmail.com> wrote in message
> news:%23M9TBrIkEHA.3612@.TK2MSFTNGP12.phx.gbl...
> would
> be
> the
> by
> .NET
> result
>
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment