Login failed for user 'NT AUTHORITY/NETWORK SERVICE'

[Guest]

Win2003 and VS2003 using ASP access to SQL Server msg: Login failed for user 'NT AUTHORITY/NETWORK SERVICE'. I added IWAN as a login and user to DB that I am accessing in my app and still get same msg. I must use integrated security. I have looked at all the related issues that I can find. What am I missing? Thanks.

 

[William Ryan [eMVP]]

You need to use the ASP.NET account if you want to use Integrated Security..

Win2003 and VS2003 using ASP access to SQL Server msg: Login failed for

user 'NT AUTHORITY/NETWORK SERVICE'. I added IWAN as a login and user to DB
that I am accessing in my app and still get same msg. I must use integrated
security. I have looked at all the related issues that I can find. What am
I missing? Thanks.

 

[Miha Markic [MVP C#]]

Hi,

As an addition to William.
His advice will work only if you have database server on same machine since
the asp.net account is local to the machine.
Another approach would be to set an user account under which the asp.net app
will run.
Example:
Just put a line into web.config file somewhere under
<system.web> node:

<identity impersonate="true" userName="USER" password="PASSWORD"/>

--
Miha Markic [MVP C#] - RightHand .NET consulting & software development
miha at rthand com
www.rthand.com

Win2003 and VS2003 using ASP access to SQL Server msg: Login failed for

user 'NT AUTHORITY/NETWORK SERVICE'. I added IWAN as a login and user to DB
that I am accessing in my app and still get same msg. I must use integrated
security. I have looked at all the related issues that I can find. What am
I missing? Thanks.

 

[John Sitka]

Try this.
Add the IWAN to the IIS_WPG then and the IIS_WPG (group) to the database you
want to gain access to.

 

[Guest]

I thought ASP.NET account was only for Win 2000 not 2003?

 

[Guest]

Is there not a more secure solution?

 

[Guest]

I've done that and the same result. Any ideas? The app and SQL Server are on the same machine.

 

[Miha Markic [MVP C#]]

Then enable windows aspnet account to sql server - give him rights to access
the database.

--
Miha Markic [MVP C#] - RightHand .NET consulting & software development
miha at rthand com
www.rthand.com

I've done that and the same result. Any ideas? The app and SQL Server are

on the same machine.

 

[Miha Markic [MVP C#]]

Hi,

What's wrong with impersonation?
What would be more secure?

 

[Guest]

Hi
I was under the impression that impersonation had some detrimental effects on performance in regard to connection pooling. I also thought that there was some issue regarding encrypting the web.config file. By the way, how do I do it
Are you saying that impersonation is just as secure as INTEGRATED SECURITY = SSPI?

 

[Guest]

Hi,
Thanks for your time. I thought that the windows aspnet account was ASPNET in earlier IIS, but NETWORK SERVICE in Win2003 and IIS6.0. I thought that the IIS group was IIS_WPG with its built-in members IUSR_XX and IWAN_XX. This group and these two accounts have sql logins and permission to the NWIND database but I still get referenced error msg. The Network Service account is a built in account, but I cannot reference it in SQL Server. Please, enlighten me exactly what account name must I use in SQL Server to be able to use Integrated Security and get around this error. Thank you for your patience.

----- Miha Markic [MVP C#] wrote: -----

Then enable windows aspnet account to sql server - give him rights to access
the database.

--
Miha Markic [MVP C#] - RightHand .NET consulting & software development
miha at rthand com
www.rthand.com

I've done that and the same result. Any ideas? The app and SQL Server are

on the same machine.

 

[Miha Markic [MVP C#]]

Hi,

Aspnet account is member only of users group.
They might restricted it along the path from .net 1.0 to 1.1.
So, add the aspnet account to sql server if sql server is running on the
same machine.

--
Miha Markic [MVP C#] - RightHand .NET consulting & development
miha at rthand com
www.rthand.com

Hi,
Thanks for your time. I thought that the windows aspnet account was

ASPNET in earlier IIS, but NETWORK SERVICE in Win2003 and IIS6.0. I thought
that the IIS group was IIS_WPG with its built-in members IUSR_XX and
IWAN_XX. This group and these two accounts have sql logins and permission
to the NWIND database but I still get referenced error msg. The Network
Service account is a built in account, but I cannot reference it in SQL
Server. Please, enlighten me exactly what account name must I use in SQL
Server to be able to use Integrated Security and get around this error.
Thank you for your patience.

----- Miha Markic [MVP C#] wrote: -----

Then enable windows aspnet account to sql server - give him rights to access
the database.

--
Miha Markic [MVP C#] - RightHand .NET consulting & software development
miha at rthand com
www.rthand.com

I've done that and the same result. Any ideas? The app and SQL

Server are
on the same machine.

 

[Guest]

Hie..
Don't get confuss with any other codes
It's just simple configuration and it will solve the problem

Let's do it step by step
1. We go to Ms SQL Manager
2. Looking into the folder [Security], add New Login.
3. List all of SQL Server Login Properties, select IIS_WPG, then click Add, and OK
4. Go to Tab > Server Roles and configure the option which is necessary
5. Go to Tab > Database Access; set the permission according to your needs
6. Once settle it, click Ok
7. Go back to your VS.NET 2003; Re-built and run the "page".aspx

After doing this, You won't faced this problem
Login failed for user 'NT AUTHORITY/NETWORK SERVICE

That's all
Hope that it will help those who face the same problem

Aaron