Why do I get the server name instaid of the UID

Question

I'm trying to access my SQL Server database using a service account. I'm putting the information as so:

<add name="conn" 
     connectionString="Data Source=mtl1sqlitmp3\mtl1sqlitmp3;Initial Catalog=IT_Ops; Integrated Security=SSPI;User ID=service account; Password=password" 
     providerName="System.Data.SqlClient" />

For some reason, it always gives me usermane of the server.

Why is that?

What do I have to change to make the appropriate connection?

Thanks,

Answer 1

To resolve my issue, I've kept the Integrated Security=SSPI and removed the UID and PW from the connection string.

Instead, I've configured my service account and password in the Identity option of the Application Pools of my website in IIS.

It now works as expected.

Thanks for your help

Answer 2

 Integrated Security=SSPI

This means you are requesting integrated security. You will authenticate with the service account of your process (be it ASP.Net pool if such) or an impersonated context if impersonating and constrained delegation is enabled. Connection string user name and password are ignored if integrated security is used.

You should use integrated security not user name and password, so you better focus on getting this working properly (set up your process to work as the appropriate service account and grant the necessary permissions to this account). Remember that passwords in connection strings in config are likely leaked.

Answer 3

You specified Integrated Security=SSPI in your connection string, presumably without realizing what that meant. As explained in the ConnectionString documentation (among many other places):

If User ID and Password are specified and Integrated Security is set to true, the User ID and Password will be ignored and Integrated Security will be used.

(Note that "SSPI" means the same thing as "True")