Help: Login failed for User ???

[Guest]

Please Help me. I've got a .Net 2003 program that attaches to a SQL Server
machine and I'm getting the above error when a user tries to log in. The SQL
server is setup to use Windows Auth. and I have added the new user to the
database and have given the user access to the database for the app. But
everytime I try and login using this users ID, I always get the error:
Login failed for user Christian.Gaut
If I login using my userid and password, the program works fine, but if I
login (into windows) as the user and try it again, same thing happens. I
tried putting the userid and password(windows) in the connect string, but
that is not helping either. Now, in the user properties of the database, it
won't allow me to change the password for the user (I guess cause I'm using
Windows Auth). So should I leave the password blank in the connect string?
Any help would be great, thanks again for taking the time to stop by.
Michael

 

[Guest]

Hi Everyone,
After looking back at the message, I thought that the connection string
might be a good thing to add to the list. The connect string is as follows:
"User=Christian.Gaut Password=??? packet size=4096;integrated
security=SSPI;data source=BACKUPSVR\BKUPEXEC;persist security
info=False;initial catalog=NF_Inventory"

Now I've only put the userid and password here for testing only. I can leave
that in, and login into my machine(using my ID) and it will work. Any ideas.
Thanks
Michael

 

[Jim Hughes]

www.connectionstrings.com is your friend.

Since you are using Windows Auth, your connectionstring should look like
this:

"Integrated Security=SSPI;Data Source=BACKUPSVR\BKUPEXEC;Initial
Catalog=NF_Inventory"

or

"Server=BACKUPSVR\BKUPEXEC;Database=NF_Inventory;Trusted_Connection=True"

 

[Guest]

Hi Jim,
I tried using the new version of the connect string and have the same
problem. I'll include more detail here:
Here is some additional info that might help. I have the follwoing setup in
Enterprise Manager.
Server -> Security -> Logins -> General Tab
The name is listed as 'NARCO??????\christian.gaut
The properties for this user are set as:
Windows Authentication
Domain = NARCO?????? (but grayed out)
Security Access = Grant
and the default database is set.
Server Role Tab:
Nothing set here.
Database Access:
Only the database that needs accessing is checked for permission.

Now if I look in the follwoing
Database -> Users (Users for this database)
The name is christian.gaut and the Login Name value includes the domain and
has Permit access to db.
The properties are set as followed:
Permit in Database Role:
Public, db_owner, db_datareader, db_datawriter are checked.
and for the permissions I set every possible option (Select, insert, update
and delete) for all the tables and SP's.

We are running on a domain. If I'm using Windows Auth, is the Userid and
Password in the connection string even used?

Ok here is what I have so far:
I login Windows(using my UserId and password), Run application, I can get
into the database with any problems.

I Login Windows(Using the Users ID and Password). In otherwords my
client(co-worker, ect). App starts, but as soon as it tries to access the
database I get the following error:
Login failed for user 'NARCO??????\Christian\Gaut'.
See the end of this message for details on invoking
just-in-time (JIT) debugging instead of this dialog box.

************** Exception Text **************
System.Data.SqlClient.SqlException: Login failed for user
'NARCOFREEDOM\christian.gautier'.
at System.Data.SqlClient.ConnectionPool.GetConnection(Boolean&
isInTransaction)
at
System.Data.SqlClient.SqlConnectionPoolManager.GetPooledConnection(SqlConnectionString options, Boolean& isInTransaction)
at System.Data.SqlClient.SqlConnection.Open()
at System.Data.Common.DbDataAdapter.QuietOpen(IDbConnection connection,
ConnectionState& originalState)
at System.Data.Common.DbDataAdapter.FillFromCommand(Object data, Int32
startRecord, Int32 maxRecords, String srcTable, IDbCommand command,
CommandBehavior behavior)
at System.Data.Common.DbDataAdapter.Fill(DataSet dataSet, Int32
startRecord, Int32 maxRecords, String srcTable, IDbCommand command,
CommandBehavior behavior)
at System.Data.Common.DbDataAdapter.Fill(DataSet dataSet)
at NF_Inventory.frmProductStatus.frmProductStatus_Load(Object sender,
EventArgs e)
at System.Windows.Forms.Form.OnLoad(EventArgs e)
at System.Windows.Forms.Form.OnCreateControl()
at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
at System.Windows.Forms.Control.CreateControl()
at System.Windows.Forms.Control.WmShowWindow(Message& m)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ScrollableControl.WndProc(Message& m)
at System.Windows.Forms.ContainerControl.WndProc(Message& m)
at System.Windows.Forms.Form.WmShowWindow(Message& m)
at System.Windows.Forms.Form.WndProc(Message& m)
at System.Windows.Forms.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg,
IntPtr wparam, IntPtr lparam)


************** Loaded Assemblies **************
removed for readability
**************************

I also wanted to know if any Windows security setting could cause SQL Server
access problems. For example, the user that I'm trying to get access for,
will not have admin rights to his machine, as will most users here. Could one
of these settings be causing problems with SQL Server since I'm using Windows
Auth security in SQL Server. Thanks again.
Michael
P.S. I'm researching now to try and find the answer to my problem, and the
above question came from one of my readings.

 

[Jim Hughes]

The users desktop permssions are not relevant to their ability to access the
SQL Server. They will not need to be admins on their desktop or the server.

UserID and Passwd are not used in the connection string when
trusted/integrated security is used and should not be present.

You can test database access by creating an empty file with as UDL extension
and then opening it and setting the parameters and using the Test Connection
button.

The SQL Server will need to be a member server of the domain as will the
users workstations.

Internal DNS will need to be properly configured with appropriate records to
access the domain controllers.

Firewall settings on the SQL Server will need to be set to allow access for
Named Pipes.

The SQL Server Network Configuration network utility will need to be set to
allow Network connections via Named Pipes and perhaps TCP/IP.

 

[Guest]

Hi Jim,
Thanks again for the reply.

The users desktop permssions are not relevant to their ability to access the
SQL Server. They will not need to be admins on their desktop or the server.

I was sure that the case, but wanted to make sure there was not some wierd
setting that would make a difference.

UserID and Passwd are not used in the connection string when
trusted/integrated security is used and should not be present.

Understood. Have removed all that.

You can test database access by creating an empty file with as UDL extension
and then opening it and setting the parameters and using the Test Connection
button.

The SQL Server will need to be a member server of the domain as will the
users workstations.

Internal DNS will need to be properly configured with appropriate records to
access the domain controllers.

Firewall settings on the SQL Server will need to be set to allow access for
Named Pipes.

The SQL Server Network Configuration network utility will need to be set to
allow Network connections via Named Pipes and perhaps TCP/IP.

On my development machine (logged in as myself) I can use the application
without any login errors, but as soon as I Login into windows(again on my dev
machine) using the clients(employees here) userid and password, my app will
not work and gives the lonin error as noted before.

I have a question about something I read in the online help.
<Quote
When a network user tries to connect, SQL Server uses Windows-based
facilities to determine the validated network user name. SQL Server then
verifies that the person is who they say they are, and then permits or denies
login access based on that network user name alone, without requiring a
separate login name and password.
/>
Does this mean that the password needs to be set in SQL Server. I ask,
because, since I have Windows Auth set for the database, I can't change any
of the users passwords. If I have to include the passwords for the users,
how do I do this in Windows Auth mode?
I was trying to do a test and just setup the db so that it uses only SQL
Auth, but when I try to change it to SQL Auth in the Edit database
registration, I get an error:
SQL Server registration failed because of the connection failure.
Login failed for user 'sa'. Reason: Not associated with a trusted SQL Server
connection.

I was thinking of changing over to SQL Auth to make it easier (If I've got
to go through this each time I add a new user). What do you all think? I've
heard that Windows Auth is better than plain SQL Auth. Why? How about
creating a single userid and password on the server and user that combo in
the connect string to connect to the db. I hope I can get Windows Auth to
work, so I won't have to go in this direction.
Thanks for hanging in there.
Michael

 

[Guest]

Hi Jim,
Thanks SO MUCH for you help

SQL Server operates in WIndows Auth or Mixed, sounds like yours is Windows
Auth only.

Yes, Windows Only

Did you try the UDL test? I would also try connecting with Query Analyzer in
Windows Auth mode as the client on your dev machine to eliminate
connectionstring issues as being the problem.

I didn't do this one yet, I can use Query Analyzer from my dev machine. It
seems like the Protocals are working right, since I can use the app without
any problems(under My Windows Userid).
This came up yesterday, because we had a new install of the app and the
admin guys built a pc for them and after installing the app, the program
would not login using the users id. Then I went to my spare machine and
logged in as the user and got eh Login errors again, then I reLogged in as me
and it worked fine.

Windows Auth is generally considered more secure, especially if you are
embedding the username/password combo in the app.config. It is also usually
easier to manage because the user only needs to remember one password.

Ok, I'll leave it this way, as LONG AS I CAN FIND THE DARN Solution, lol.

The following procs may also help track down the problem.

exec sp_helpuser
exec sp_helpgroup
exec sp_helplogins
exec sp_table_privileges 'Customers
exec sp_helpdb
exec sp_helprotect

Don't give up on Windows Auth, I think it's worth it!

I will look into these proces and see what I can find. Thanks agaon so much.
Michael

 

[Guest]

I just wanted to let you all know that I found the problem. It was a connect
string, but it was hidden in a few SQLConnection objects that where used on
several screens. It now works as expected. Thanks again for all the help.
Michael

 

[Jim Hughes]

Glad to hear it!

I just wanted to let you all know that I found the problem. It was a
connect
string, but it was hidden in a few SQLConnection objects that where used
on
several screens. It now works as expected. Thanks again for all the help.
Michael