SQL Windows Auth

Question

I have a local test environment set up with IIS. I'm using the connection string below to connect with c# in the codebehind of an ASPX page using my windows auth. I am getting the error that [PCNAME]/ASPNET login failed. Why is the user name ASPNET attempting to login when I've specified my connection string to use my login?

user id=[UID];password=[PASS];server=[LOCALSERVER];database=db_specialOps;Trusted_Connection=yes

Answer 1

Connection string for Windows authentication:

connectionString="Server=MyServer;Database=MyDb;Trusted_Connection=Yes"

OR

connectionString="Initial Catalog=MyDb;Data Source=MyServer;Integrated Security=SSPI;"

No user/pass

---

Connection string for SQL authentication with user/pass

connectionString="Server=MyServer; Database=pubs; User Id=MyUser; password= P@ssw0rd"
        providerName="System.Data.SqlClient"

Also see this question, might help you: Connect to SQL Server using windows authentication and specific account

Answer 2

Remove the Trusted_Connection=yes part of the connection string. It tells the sql client library to connect to the sql server, using the Windows auth, with the current process' Windows identity. In the ASP.NET case that is [PCNAME]/ASPNET. That's why you see that error message.

If you want to use sql auth, just supply username and password as you do - without the Trusted_Connection=yes part.

Answer 3

Trusted authentication uses the credentials of the user that is executing the process. If it is specified as yes, then the username and password in your connection string are ignored.

In this case, the ASPNET user account is the user that is running the process, so this is the account that is being used to connect to SQL Server.

Checking, another SO question addresses this issue.

When using Trusted_Connection=true and SQL Server authentication, will this effect performance?