CODEWITHSUNDEEP
.netsqlauthenticationconnection-string
Marcel Popescu
Marcel Popescu

Reputation: 3351

SQL integrated security using computer name instead of user name

I am trying to an SQL Express instance on the same network, authenticating with my domain user. It works just fine with Windows Authentication in SSMS. I verified that I can use the MyDB database, including editing tables.

However, when I try the following connection string:

Server=ipaddress\SQLExpress; Database=MyDB; Integrated Security=SSPI;

I get back an error:

Cannot open database "MyDB" requested by the login. The login failed. Login failed for user 'ROMANIA\MONSTER2$'

The problem is that MONSTER2 is the name of my computer, not my username. (ROMANIA is the domain.) What am I doing wrong?

[Edit] I forgot something that might be relevant: I am trying to open the connection from a webservice running on my computer.

Upvotes: 29

Views: 20151

Answers (5)

Rishit
Rishit

Reputation: 726

Check that the applications hosted on IIS are running under the correct application pool rather than the DefaultAppPool.

Upvotes: 1

James Cooke
James Cooke

Reputation: 1184

I had the same problem, and for a similar reason. (blush).

Even though I correctly set up my application pool to use the service account credentials instead of the LocalService/NetworkService etc, for some reason the Application itself was not using that application pool. It was set to DefaultAppPool. Very easy to miss, if one continues to assume that IIS was set up correctly.

Upvotes: 1

Salman Siddique
Salman Siddique

Reputation: 90

I needed to do both in my situation:

<authentication mode="Windows" />
    <authorization>
        <deny users="?" />
    </authorization>
<identity impersonate="true" />

Upvotes: 1

Enrico Campidoglio
Enrico Campidoglio

Reputation: 59963

Your web service is running under the NT AUTHORITY\Network Service security context. This will cause the process to use the host's machine account when accessing network resources in the domain.

You'll have to configure the web service to run with your domain identity.

If you're hosting your web service in IIS, you can do this through impersonation. Here's an example:

<configuration>
    <system.web>
        <identity
            impersonate="true"
            userName="ROMANIA\username" 
            password="********" />
    </system.web>
</configuration>

Upvotes: 20

Raj More
Raj More

Reputation: 48024

That is because your web server is not set up to use the identity of the person using the service, but rather the identity of the computer it is running on.

Check if your web.config for the web service contains: <authentication mode="Windows" />

Upvotes: 15

Related Questions