We are attempting to use impersonation to connect from our ASP.NET website
to a SQL Server on the same domain. The code below works just fine in our
web.config file:
<identity impersonate="tr ue" userName="mydom ain\mylogin"
password="whate ver">
However, if we attempt to impersonate the user that currently is logged in
to the client computer using ...
<identity impersonate="tr ue">
we get the error message:
Login failed for user '(null)'. Reason: Not associated with a trusted SQL
Server connection.
I'm an SA on the SQL Server box ... something else isn't quite clicking.
Any recommendations ? In IIS we have Integrated Windows Authentication
checked, and nothing else.
Thanks in advance.
Mark fi******@umn.ed u 6  2548 
just as a test, try Basic instead of Integrated auth once....
--
Curt Christianson
Owner/Lead Developer, DF-Software www.Darkfalz.com
"Mark" <mf****@idonotl ikespam.cce.umn .edu> wrote in message
news:%2******** ********@TK2MSF TNGP12.phx.gbl. .. We are attempting to use impersonation to connect from our ASP.NET website
to a SQL Server on the same domain. The code below works just fine in our
web.config file:
<identity impersonate="tr ue" userName="mydom ain\mylogin"
password="whate ver">
However, if we attempt to impersonate the user that currently is logged in
to the client computer using ...
<identity impersonate="tr ue">
we get the error message:
Login failed for user '(null)'. Reason: Not associated with a trusted SQL
Server connection.
I'm an SA on the SQL Server box ... something else isn't quite clicking.
Any recommendations ? In IIS we have Integrated Windows Authentication
checked, and nothing else.
Thanks in advance.
Mark
fi******@umn.ed u
to pass the users credentials to the sqlserver (on a different box),
delegation is required. ntlm does support delegation. only basic (which
gives iis a primary token which is allowed 1 hop) and digest (if delegation
is enabled) support passing user creditals from the iis box to a different
box.
-- bruce (sqlwork.com)
"Mark" <mf****@idonotl ikespam.cce.umn .edu> wrote in message
news:#V******** ******@TK2MSFTN GP12.phx.gbl... We are attempting to use impersonation to connect from our ASP.NET website
to a SQL Server on the same domain. The code below works just fine in our
web.config file:
<identity impersonate="tr ue" userName="mydom ain\mylogin"
password="whate ver">
However, if we attempt to impersonate the user that currently is logged in
to the client computer using ...
<identity impersonate="tr ue">
we get the error message:
Login failed for user '(null)'. Reason: Not associated with a trusted SQL
Server connection.
I'm an SA on the SQL Server box ... something else isn't quite clicking.
Any recommendations ? In IIS we have Integrated Windows Authentication
checked, and nothing else.
Thanks in advance.
Mark
fi******@umn.ed u
Bruce,
I executed the following code:
System.Security .Principal.IIde ntity ii = User.Identity;
System.Security .Principal.Wind owsIdentity wi = WindowsIdentity .GetCurrent();
Response.Write( "<br>IIdentity. AuthenticationT ype: " +
ii.Authenticati onType);
// Displays: IIdentity.Authe nticationType: Negotiate
Response.Write( "<br>WindowsIde ntity.Authentic ationType: " +
wi.Authenticati onType);
// Displays: WindowsIdentity .Authentication Type: NTLM
??? What does this say?
Also, how does one enable delegation as opposed to impersonation?
Thanks for your help. We appreciate it.
Mark fi******@umn.ed u
"bruce barker" <no***********@ safeco.com> wrote in message
news:et******** ******@TK2MSFTN GP12.phx.gbl... to pass the users credentials to the sqlserver (on a different box),
delegation is required. ntlm does support delegation. only basic (which
gives iis a primary token which is allowed 1 hop) and digest (if
delegation is enabled) support passing user creditals from the iis box to a different
box.
-- bruce (sqlwork.com)
"Mark" <mf****@idonotl ikespam.cce.umn .edu> wrote in message
news:#V******** ******@TK2MSFTN GP12.phx.gbl... We are attempting to use impersonation to connect from our ASP.NET
website to a SQL Server on the same domain. The code below works just fine in
our web.config file:
<identity impersonate="tr ue" userName="mydom ain\mylogin"
password="whate ver">
However, if we attempt to impersonate the user that currently is logged
in to the client computer using ...
<identity impersonate="tr ue">
we get the error message:
Login failed for user '(null)'. Reason: Not associated with a trusted
SQL Server connection.
I'm an SA on the SQL Server box ... something else isn't quite clicking.
Any recommendations ? In IIS we have Integrated Windows Authentication
checked, and nothing else.
Thanks in advance.
Mark
fi******@umn.ed u
Curt,
I'm not sure if this is good news, BUT it did work when I checked Basic. In
fact, it worked when I had Basic checked both with and without integrated
checked.
What does this mean? The thought of needing basic does not sound good on
the surface, but I'm no IIS guru.
Thanks!
Mark
"Curt_C [MVP]" <software_AT_da rkfalz.com> wrote in message
news:%2******** ********@tk2msf tngp13.phx.gbl. .. just as a test, try Basic instead of Integrated auth once....
--
Curt Christianson
Owner/Lead Developer, DF-Software
www.Darkfalz.com
"Mark" <mf****@idonotl ikespam.cce.umn .edu> wrote in message
news:%2******** ********@TK2MSF TNGP12.phx.gbl. .. We are attempting to use impersonation to connect from our ASP.NET
website to a SQL Server on the same domain. The code below works just fine in
our web.config file:
<identity impersonate="tr ue" userName="mydom ain\mylogin"
password="whate ver">
However, if we attempt to impersonate the user that currently is logged
in to the client computer using ...
<identity impersonate="tr ue">
we get the error message:
Login failed for user '(null)'. Reason: Not associated with a trusted
SQL Server connection.
I'm an SA on the SQL Server box ... something else isn't quite clicking.
Any recommendations ? In IIS we have Integrated Windows Authentication
checked, and nothing else.
Thanks in advance.
Mark
fi******@umn.ed u
write out the user that the system thinks you are when you use Integrated.
It may be as simple as "user" vs "domain\use r"
--
Curt Christianson
Owner/Lead Developer, DF-Software www.Darkfalz.com
"Mark" <mf****@idonotl ikespam.cce.umn .edu> wrote in message
news:%2******** ********@TK2MSF TNGP11.phx.gbl. .. Curt,
I'm not sure if this is good news, BUT it did work when I checked Basic.
In fact, it worked when I had Basic checked both with and without integrated
checked.
What does this mean? The thought of needing basic does not sound good on
the surface, but I'm no IIS guru.
Thanks!
Mark
"Curt_C [MVP]" <software_AT_da rkfalz.com> wrote in message
news:%2******** ********@tk2msf tngp13.phx.gbl. .. just as a test, try Basic instead of Integrated auth once....
--
Curt Christianson
Owner/Lead Developer, DF-Software
www.Darkfalz.com
"Mark" <mf****@idonotl ikespam.cce.umn .edu> wrote in message
news:%2******** ********@TK2MSF TNGP12.phx.gbl. .. We are attempting to use impersonation to connect from our ASP.NET website to a SQL Server on the same domain. The code below works just fine in our web.config file:
<identity impersonate="tr ue" userName="mydom ain\mylogin"
password="whate ver">
However, if we attempt to impersonate the user that currently is
logged in to the client computer using ...
<identity impersonate="tr ue">
we get the error message:
Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.
I'm an SA on the SQL Server box ... something else isn't quite
clicking. Any recommendations ? In IIS we have Integrated Windows Authentication
checked, and nothing else.
Thanks in advance.
Mark
fi******@umn.ed u
Curt,
I tried:
System.Security .Principal.Wind owsIdentity.Get Current().Name
which should display the impersonated user. With or without the Basic
checked, it displayed the domain/user.
What does this imply? Thanks again.
Mark fi******@umn.ed u
"Curt_C [MVP]" <software_AT_da rkfalz.com> wrote in message
news:%2******** ********@TK2MSF TNGP10.phx.gbl. .. write out the user that the system thinks you are when you use Integrated.
It may be as simple as "user" vs "domain\use r"
--
Curt Christianson
Owner/Lead Developer, DF-Software
www.Darkfalz.com
"Mark" <mf****@idonotl ikespam.cce.umn .edu> wrote in message
news:%2******** ********@TK2MSF TNGP11.phx.gbl. .. Curt,
I'm not sure if this is good news, BUT it did work when I checked Basic.
In fact, it worked when I had Basic checked both with and without
integrated checked.
What does this mean? The thought of needing basic does not sound good
on the surface, but I'm no IIS guru.
Thanks!
Mark
"Curt_C [MVP]" <software_AT_da rkfalz.com> wrote in message
news:%2******** ********@tk2msf tngp13.phx.gbl. .. just as a test, try Basic instead of Integrated auth once....
--
Curt Christianson
Owner/Lead Developer, DF-Software
www.Darkfalz.com
"Mark" <mf****@idonotl ikespam.cce.umn .edu> wrote in message
news:%2******** ********@TK2MSF TNGP12.phx.gbl. ..
> We are attempting to use impersonation to connect from our ASP.NET
website > to a SQL Server on the same domain. The code below works just fine
in our > web.config file:
>
> <identity impersonate="tr ue" userName="mydom ain\mylogin"
> password="whate ver">
>
> However, if we attempt to impersonate the user that currently is logged in > to the client computer using ...
>
> <identity impersonate="tr ue">
>
> we get the error message:
>
> Login failed for user '(null)'. Reason: Not associated with a
trusted SQL > Server connection.
>
> I'm an SA on the SQL Server box ... something else isn't quite
clicking. > Any recommendations ? In IIS we have Integrated Windows
Authentication > checked, and nothing else.
>
> Thanks in advance.
>
> Mark
> fi******@umn.ed u
>
>
>
>
>
>
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Nils M. Lunde |
last post by:
Hi!
I've made a Web Service using C# that is using impersonation.
The WS is working fine on WinXP and Win2003Server, but I'm having problem
getting it to work on Win2000.
The problem is that in order to use LogonUser on Win2000, you have to have
the SE_TCB_NAME privilege.
Therefore I'm using the SSPLogonUser
(http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q180/5/48.asp&NoWebContent=1)
|
by: Angelo Castigliola III |
last post by:
I am trying to write to the registry of a remote computer that is not on a
domain from a computer that is on a domain. I am trying to impersonate an
administrator account that is on this remote computer that is not on a
domain from my computer that is on a domain with this msdn example:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfSystemSecurityPrincipalWindowsIdentityClassImpersonateTopic1.asp
I can...
|
by: Divya |
last post by:
Hello,
I am developing a simple move file utility to move files from one domain to
another in the same internal network. My program runs fine when it reads the
parameters (user, domain, password etc) from a XML file to move files across
the internal network to a different domain. This is a console application
that should have the option of specifying the parameters at the commandline
prompt. When I specify the parameters at cmd line, it...
|
by: Erez Shor |
last post by:
Hi,
I need to build and asp page which access a remote windows server's
registry and create a registry key.
In order for the ASP page to be able to access the registry on the
remote server I need it to run using credentials supplied by the user.
When using basic authentication this is not an issue since the user
has to provide a user name and password.
But I don't want to use basic authentication so I created a login form
and I am using...
|
by: ajamrozek |
last post by:
I have an ASPX page that needs to display data from an Access DB that
resides on a network resource other than the running server. To access
the web page itself, I need IIS to have anonymous login set to true,
but to access the Access DB I need to pass an authenticated network
user. Not for the DB's sake but for the network directory that it
resides on.
Some more environment background: large company with tight server
control. I don't...
| | |
by: Standist |
last post by:
..net supply a Impersonate method.
There some question about this method.
Can I impersonate a user that exist in a remote computer.
|
by: Steve B. |
last post by:
Hi,
I'm having difficulties to configure security in a 3 tiers web application.
Let's explain the scenario :
A. The client computer is running in a domain in which the user is
authenticated (domain\theuser). The user call a web application
http://myserveur/myapp
|
by: =?Utf-8?B?QXZhRGV2?= |
last post by:
ASP.Net 2.
We are migrating to Windows 2008 64 bit Server with IIS 7 from Windows 2003
32 Bit with IIS 6. A few library classes we wrote uses impersonation in code
like explained in this article:
http://support.microsoft.com/?id=306158#4
This doesn't work in Windows 2008 Server, we receive the following exception:
|
by: WT |
last post by:
Hello,
IIS6 on W2K3, .net 3.5, Sql 2005.
All sp applied.
My site is using windows authentication only and the web application
connects to sql server residing on another server in the same domain using
following connection string:
<connectionStrings>
<add name="My_ConnectionString"
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| | |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
