I have an asp.net program that uses a connection string, using integrated
security to connect to a sql database. It runs fine on one server, but the
other server gives me the error that
"Login failed for user "NT AUTHORITY/ANONYMOUS LOGON". Why would this be?
There is no reason it should even be trying to login to using NT
Authority/Anonymous login. The IIS Server is set to turn off anonymous
logins, and use integrated security, and my program uses a connection string
with integrated security. And sometimes it does run, almost like there's a
contest between which logon the program is going to use and in about five
minutes it connects properly. But I have no idea why it would be losing the
connection string I have in the web.config. And as I mentioned, it works
fine on another server, the difference being the other server forces the
user to login first. I have one or two forms, with several user controls
that are loaded depending on what the user selects.
Thanks for any assistance you can send my way.
10  4477 
Post a sample of your ADO connection string.
"et" <ea*************@yahoo.com> wrote in message
news:ew**************@TK2MSFTNGP10.phx.gbl... I have an asp.net program that uses a connection string, using integrated
security to connect to a sql database. It runs fine on one server, but
the other server gives me the error that
"Login failed for user "NT AUTHORITY/ANONYMOUS LOGON". Why would this be?
There is no reason it should even be trying to login to using NT
Authority/Anonymous login. The IIS Server is set to turn off anonymous
logins, and use integrated security, and my program uses a connection
string with integrated security. And sometimes it does run, almost like there's
a contest between which logon the program is going to use and in about five
minutes it connects properly. But I have no idea why it would be losing
the connection string I have in the web.config. And as I mentioned, it works
fine on another server, the difference being the other server forces the
user to login first. I have one or two forms, with several user controls
that are loaded depending on what the user selects.
Thanks for any assistance you can send my way.
It's in the web.config file, then in my class I have it as a property:
<appSettings>
<add key="SQLConnectionString" value="Data Source=Server6;Initial
Catalog=Server6DB;Integrated Security=SSPI;Persist Security Info=False" />
</appSettings>
Private mstrSQLConn As String =
ConfigurationSettings.AppSettings("SQLConnectionSt ring")
Public ReadOnly Property ConnectionString() As String
Get
Return mstrSQLConn
End Get
End Property
"bradley" <so*****@microsoft.com> wrote in message
news:O0*************@TK2MSFTNGP15.phx.gbl... Post a sample of your ADO connection string.
"et" <ea*************@yahoo.com> wrote in message
news:ew**************@TK2MSFTNGP10.phx.gbl... I have an asp.net program that uses a connection string, using integrated
security to connect to a sql database. It runs fine on one server, but
the other server gives me the error that
"Login failed for user "NT AUTHORITY/ANONYMOUS LOGON". Why would this
be?
There is no reason it should even be trying to login to using NT
Authority/Anonymous login. The IIS Server is set to turn off anonymous
logins, and use integrated security, and my program uses a connection
string with integrated security. And sometimes it does run, almost like there's
a contest between which logon the program is going to use and in about five
minutes it connects properly. But I have no idea why it would be losing
the connection string I have in the web.config. And as I mentioned, it works
fine on another server, the difference being the other server forces the
user to login first. I have one or two forms, with several user controls
that are loaded depending on what the user selects.
Thanks for any assistance you can send my way.
I'm thinking that one control may be closing the connection while another
control is attempting to use it?? Does that mean I have to repeat the
connection process on every form and every user control, so that each
control uses it's own connection??
"et" <ea*************@yahoo.com> wrote in message
news:ew**************@TK2MSFTNGP10.phx.gbl... I have an asp.net program that uses a connection string, using integrated
security to connect to a sql database. It runs fine on one server, but the
other server gives me the error that
"Login failed for user "NT AUTHORITY/ANONYMOUS LOGON". Why would this be?
There is no reason it should even be trying to login to using NT
Authority/Anonymous login. The IIS Server is set to turn off anonymous
logins, and use integrated security, and my program uses a connection
string with integrated security. And sometimes it does run, almost like
there's a contest between which logon the program is going to use and in
about five minutes it connects properly. But I have no idea why it would
be losing the connection string I have in the web.config. And as I
mentioned, it works fine on another server, the difference being the other
server forces the user to login first. I have one or two forms, with
several user controls that are loaded depending on what the user selects.
Thanks for any assistance you can send my way.
are your server in the same domain? can you post your web.config?
"et" <ea*************@yahoo.com> schrieb im Newsbeitrag
news:ew**************@TK2MSFTNGP10.phx.gbl... I have an asp.net program that uses a connection string, using integrated
security to connect to a sql database. It runs fine on one server, but the
other server gives me the error that
"Login failed for user "NT AUTHORITY/ANONYMOUS LOGON". Why would this be?
There is no reason it should even be trying to login to using NT
Authority/Anonymous login. The IIS Server is set to turn off anonymous
logins, and use integrated security, and my program uses a connection
string with integrated security. And sometimes it does run, almost like
there's a contest between which logon the program is going to use and in
about five minutes it connects properly. But I have no idea why it would
be losing the connection string I have in the web.config. And as I
mentioned, it works fine on another server, the difference being the other
server forces the user to login first. I have one or two forms, with
several user controls that are loaded depending on what the user selects.
Thanks for any assistance you can send my way.
Yes, servers are in the same domain, however one is an external web server
(the one that works) and the one that doesn't work is an internal web
server. Below is the web.config, obviously the change between servers being
the server name and the database name. Thanks so much for your help.
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
<section name="AppConfig" type="WebCommonVB.WebAppConfig, WebCommonVB" />
<section name="exceptionManagement"
type="Microsoft.ApplicationBlocks.ExceptionManagem ent.ExceptionManagerSectionHandler,
Microsoft.ApplicationBlocks.ExceptionManagement" />
</configSections>
<appSettings>
<add key="SQLConnectionString" value="Data Source=Server6;Initial
Catalog=Server6DB;Integrated Security=SSPI;Persist Security
Info=False;Packet Size=4096" />
</appSettings>
<system.web>
<!-- DYNAMIC DEBUG COMPILATION
Set compilation debug="true" to insert debugging symbols (.pdb
information)
into the compiled page. Because this creates a larger file that
executes
more slowly, you should set this value to true only when debugging
and to
false at all other times. For more information, refer to the
documentation about
debugging ASP.NET files.
-->
<compilation defaultLanguage="vb" debug="true" />
<!-- CUSTOM ERROR MESSAGES
Set customErrors mode="On" or "RemoteOnly" to enable custom error
messages, "Off" to disable.
Add <error> tags for each of the errors you want to handle.
"On" Always display custom (friendly) messages.
"Off" Always display detailed ASP.NET error information.
"RemoteOnly" Display custom (friendly) messages only to users not
running
on the local Web server. This setting is recommended for security
purposes, so
that you do not display application detail information to remote
clients.
-->
<customErrors mode="Off" />
<!-- AUTHENTICATION
This section sets the authentication policies of the application.
Possible modes are "Windows",
"Forms", "Passport" and "None"
"None" No authentication is performed.
"Windows" IIS performs authentication (Basic, Digest, or
Integrated Windows) according to
its settings for the application. Anonymous access must be
disabled in IIS.
"Forms" You provide a custom form (Web page) for users to enter
their credentials, and then
you authenticate them in your application. A user credential
token is stored in a cookie.
"Passport" Authentication is performed via a centralized
authentication service provided
by Microsoft that offers a single logon and core profile services
for member sites.
-->
<authentication mode="Windows" />
<identity impersonate="true"/>
<!-- AUTHORIZATION
This section sets the authorization policies of the application.
You can allow or deny access
to application resources by user or role. Wildcards: "*" mean
everyone, "?" means anonymous
(unauthenticated) users.
-->
<authorization>
<allow users="*" /> <!-- Allow all users -->
<!-- <allow users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
<deny users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
-->
</authorization>
<!-- APPLICATION-LEVEL TRACE LOGGING
Application-level tracing enables trace log output for every page
within an application.
Set trace enabled="true" to enable application trace logging. If
pageOutput="true", the
trace information will be displayed at the bottom of each page.
Otherwise, you can view the
application trace log by browsing the "trace.axd" page from your
web application
root.
-->
<trace enabled="false" requestLimit="1000" pageOutput="true"
traceMode="SortByTime" localOnly="true" />
<!-- SESSION STATE SETTINGS
By default ASP.NET uses cookies to identify which requests belong
to a particular session.
If cookies are not available, a session can be tracked by adding a
session identifier to the URL.
To disable cookies, set sessionState cookieless="true".
-->
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data
source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="20"
/>
<!-- GLOBALIZATION
This section sets the globalization settings of the application.
-->
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
</system.web>
</configuration>
"Daniel Walzenbach" <da***************@newsgroup.nospam> wrote in message
news:Oj*************@TK2MSFTNGP09.phx.gbl... are your server in the same domain? can you post your web.config?
"et" <ea*************@yahoo.com> schrieb im Newsbeitrag
news:ew**************@TK2MSFTNGP10.phx.gbl...I have an asp.net program that uses a connection string, using integrated
security to connect to a sql database. It runs fine on one server, but
the other server gives me the error that
"Login failed for user "NT AUTHORITY/ANONYMOUS LOGON". Why would this
be? There is no reason it should even be trying to login to using NT
Authority/Anonymous login. The IIS Server is set to turn off anonymous
logins, and use integrated security, and my program uses a connection
string with integrated security. And sometimes it does run, almost like
there's a contest between which logon the program is going to use and in
about five minutes it connects properly. But I have no idea why it would
be losing the connection string I have in the web.config. And as I
mentioned, it works fine on another server, the difference being the
other server forces the user to login first. I have one or two forms,
with several user controls that are loaded depending on what the user
selects.
Thanks for any assistance you can send my way.
why do you impersonate? In your configuration every user who wants to use
your application has to have file access (NTFS) on your application! This
might be the problem. This configuration also creates one connection pool
per user which (I assume by now) is nothing you really want.
Does this help?
Daniel
"et" <ea*************@yahoo.com> schrieb im Newsbeitrag
news:OI**************@tk2msftngp13.phx.gbl... Yes, servers are in the same domain, however one is an external web server
(the one that works) and the one that doesn't work is an internal web
server. Below is the web.config, obviously the change between servers
being the server name and the database name. Thanks so much for your
help.
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
<section name="AppConfig" type="WebCommonVB.WebAppConfig, WebCommonVB" />
<section name="exceptionManagement"
type="Microsoft.ApplicationBlocks.ExceptionManagem ent.ExceptionManagerSectionHandler,
Microsoft.ApplicationBlocks.ExceptionManagement" />
</configSections>
<appSettings>
<add key="SQLConnectionString" value="Data Source=Server6;Initial
Catalog=Server6DB;Integrated Security=SSPI;Persist Security
Info=False;Packet Size=4096" />
</appSettings>
<system.web>
<!-- DYNAMIC DEBUG COMPILATION
Set compilation debug="true" to insert debugging symbols (.pdb
information)
into the compiled page. Because this creates a larger file that
executes
more slowly, you should set this value to true only when
debugging and to
false at all other times. For more information, refer to the
documentation about
debugging ASP.NET files.
-->
<compilation defaultLanguage="vb" debug="true" />
<!-- CUSTOM ERROR MESSAGES
Set customErrors mode="On" or "RemoteOnly" to enable custom error
messages, "Off" to disable.
Add <error> tags for each of the errors you want to handle.
"On" Always display custom (friendly) messages.
"Off" Always display detailed ASP.NET error information.
"RemoteOnly" Display custom (friendly) messages only to users not
running
on the local Web server. This setting is recommended for
security purposes, so
that you do not display application detail information to remote
clients.
-->
<customErrors mode="Off" />
<!-- AUTHENTICATION
This section sets the authentication policies of the application.
Possible modes are "Windows",
"Forms", "Passport" and "None"
"None" No authentication is performed.
"Windows" IIS performs authentication (Basic, Digest, or
Integrated Windows) according to
its settings for the application. Anonymous access must be
disabled in IIS.
"Forms" You provide a custom form (Web page) for users to enter
their credentials, and then
you authenticate them in your application. A user credential
token is stored in a cookie.
"Passport" Authentication is performed via a centralized
authentication service provided
by Microsoft that offers a single logon and core profile
services for member sites.
-->
<authentication mode="Windows" />
<identity impersonate="true"/>
<!-- AUTHORIZATION
This section sets the authorization policies of the application.
You can allow or deny access
to application resources by user or role. Wildcards: "*" mean
everyone, "?" means anonymous
(unauthenticated) users.
-->
<authorization>
<allow users="*" /> <!-- Allow all users -->
<!-- <allow users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
<deny users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
-->
</authorization>
<!-- APPLICATION-LEVEL TRACE LOGGING
Application-level tracing enables trace log output for every page
within an application.
Set trace enabled="true" to enable application trace logging. If
pageOutput="true", the
trace information will be displayed at the bottom of each page.
Otherwise, you can view the
application trace log by browsing the "trace.axd" page from your
web application
root.
-->
<trace enabled="false" requestLimit="1000" pageOutput="true"
traceMode="SortByTime" localOnly="true" />
<!-- SESSION STATE SETTINGS
By default ASP.NET uses cookies to identify which requests belong
to a particular session.
If cookies are not available, a session can be tracked by adding
a session identifier to the URL.
To disable cookies, set sessionState cookieless="true".
-->
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data
source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="20"
/>
<!-- GLOBALIZATION
This section sets the globalization settings of the application.
-->
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
</system.web>
</configuration>
"Daniel Walzenbach" <da***************@newsgroup.nospam> wrote in message
news:Oj*************@TK2MSFTNGP09.phx.gbl... are your server in the same domain? can you post your web.config?
"et" <ea*************@yahoo.com> schrieb im Newsbeitrag
news:ew**************@TK2MSFTNGP10.phx.gbl...I have an asp.net program that uses a connection string, using integrated
security to connect to a sql database. It runs fine on one server, but
the other server gives me the error that
"Login failed for user "NT AUTHORITY/ANONYMOUS LOGON". Why would this
be? There is no reason it should even be trying to login to using NT
Authority/Anonymous login. The IIS Server is set to turn off anonymous
logins, and use integrated security, and my program uses a connection
string with integrated security. And sometimes it does run, almost like
there's a contest between which logon the program is going to use and in
about five minutes it connects properly. But I have no idea why it
would be losing the connection string I have in the web.config. And as
I mentioned, it works fine on another server, the difference being the
other server forces the user to login first. I have one or two forms,
with several user controls that are loaded depending on what the user
selects.
Thanks for any assistance you can send my way.
It might, I'll take out the impersonate and let you know. I had understood
the program will not run without the impersonate in there.
Thanks!
"Daniel Walzenbach" <da***************@newsgroup.nospam> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl... why do you impersonate? In your configuration every user who wants to use
your application has to have file access (NTFS) on your application! This
might be the problem. This configuration also creates one connection pool
per user which (I assume by now) is nothing you really want.
Does this help?
Daniel
"et" <ea*************@yahoo.com> schrieb im Newsbeitrag
news:OI**************@tk2msftngp13.phx.gbl... Yes, servers are in the same domain, however one is an external web
server (the one that works) and the one that doesn't work is an internal
web server. Below is the web.config, obviously the change between
servers being the server name and the database name. Thanks so much for
your help.
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
<section name="AppConfig" type="WebCommonVB.WebAppConfig, WebCommonVB"
/>
<section name="exceptionManagement"
type="Microsoft.ApplicationBlocks.ExceptionManagem ent.ExceptionManagerSectionHandler,
Microsoft.ApplicationBlocks.ExceptionManagement" />
</configSections>
<appSettings>
<add key="SQLConnectionString" value="Data Source=Server6;Initial
Catalog=Server6DB;Integrated Security=SSPI;Persist Security
Info=False;Packet Size=4096" />
</appSettings>
<system.web>
<!-- DYNAMIC DEBUG COMPILATION
Set compilation debug="true" to insert debugging symbols (.pdb
information)
into the compiled page. Because this creates a larger file that
executes
more slowly, you should set this value to true only when
debugging and to
false at all other times. For more information, refer to the
documentation about
debugging ASP.NET files.
-->
<compilation defaultLanguage="vb" debug="true" />
<!-- CUSTOM ERROR MESSAGES
Set customErrors mode="On" or "RemoteOnly" to enable custom
error messages, "Off" to disable.
Add <error> tags for each of the errors you want to handle.
"On" Always display custom (friendly) messages.
"Off" Always display detailed ASP.NET error information.
"RemoteOnly" Display custom (friendly) messages only to users
not running
on the local Web server. This setting is recommended for
security purposes, so
that you do not display application detail information to
remote clients.
-->
<customErrors mode="Off" />
<!-- AUTHENTICATION
This section sets the authentication policies of the
application. Possible modes are "Windows",
"Forms", "Passport" and "None"
"None" No authentication is performed.
"Windows" IIS performs authentication (Basic, Digest, or
Integrated Windows) according to
its settings for the application. Anonymous access must be
disabled in IIS.
"Forms" You provide a custom form (Web page) for users to enter
their credentials, and then
you authenticate them in your application. A user credential
token is stored in a cookie.
"Passport" Authentication is performed via a centralized
authentication service provided
by Microsoft that offers a single logon and core profile
services for member sites.
-->
<authentication mode="Windows" />
<identity impersonate="true"/>
<!-- AUTHORIZATION
This section sets the authorization policies of the application.
You can allow or deny access
to application resources by user or role. Wildcards: "*" mean
everyone, "?" means anonymous
(unauthenticated) users.
-->
<authorization>
<allow users="*" /> <!-- Allow all users -->
<!-- <allow users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
<deny users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
-->
</authorization>
<!-- APPLICATION-LEVEL TRACE LOGGING
Application-level tracing enables trace log output for every
page within an application.
Set trace enabled="true" to enable application trace logging.
If pageOutput="true", the
trace information will be displayed at the bottom of each page.
Otherwise, you can view the
application trace log by browsing the "trace.axd" page from your
web application
root.
-->
<trace enabled="false" requestLimit="1000" pageOutput="true"
traceMode="SortByTime" localOnly="true" />
<!-- SESSION STATE SETTINGS
By default ASP.NET uses cookies to identify which requests
belong to a particular session.
If cookies are not available, a session can be tracked by adding
a session identifier to the URL.
To disable cookies, set sessionState cookieless="true".
-->
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data
source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="20"
/>
<!-- GLOBALIZATION
This section sets the globalization settings of the application.
-->
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
</system.web>
</configuration>
"Daniel Walzenbach" <da***************@newsgroup.nospam> wrote in message
news:Oj*************@TK2MSFTNGP09.phx.gbl... are your server in the same domain? can you post your web.config?
"et" <ea*************@yahoo.com> schrieb im Newsbeitrag
news:ew**************@TK2MSFTNGP10.phx.gbl...
I have an asp.net program that uses a connection string, using
integrated security to connect to a sql database. It runs fine on one
server, but the other server gives me the error that
"Login failed for user "NT AUTHORITY/ANONYMOUS LOGON". Why would this
be? There is no reason it should even be trying to login to using NT
Authority/Anonymous login. The IIS Server is set to turn off anonymous
logins, and use integrated security, and my program uses a connection
string with integrated security. And sometimes it does run, almost
like there's a contest between which logon the program is going to use
and in about five minutes it connects properly. But I have no idea why
it would be losing the connection string I have in the web.config. And
as I mentioned, it works fine on another server, the difference being
the other server forces the user to login first. I have one or two
forms, with several user controls that are loaded depending on what the
user selects.
Thanks for any assistance you can send my way.
Well, no that didn't work, now I get the error: Login failed; Reason not
associated with a trust sql server connection. So the identity impersonate
needs to be there so we can connect to sql.
"Daniel Walzenbach" <da***************@newsgroup.nospam> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl... why do you impersonate? In your configuration every user who wants to use
your application has to have file access (NTFS) on your application! This
might be the problem. This configuration also creates one connection pool
per user which (I assume by now) is nothing you really want.
Does this help?
Daniel
"et" <ea*************@yahoo.com> schrieb im Newsbeitrag
news:OI**************@tk2msftngp13.phx.gbl... Yes, servers are in the same domain, however one is an external web
server (the one that works) and the one that doesn't work is an internal
web server. Below is the web.config, obviously the change between
servers being the server name and the database name. Thanks so much for
your help.
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
<section name="AppConfig" type="WebCommonVB.WebAppConfig, WebCommonVB"
/>
<section name="exceptionManagement"
type="Microsoft.ApplicationBlocks.ExceptionManagem ent.ExceptionManagerSectionHandler,
Microsoft.ApplicationBlocks.ExceptionManagement" />
</configSections>
<appSettings>
<add key="SQLConnectionString" value="Data Source=Server6;Initial
Catalog=Server6DB;Integrated Security=SSPI;Persist Security
Info=False;Packet Size=4096" />
</appSettings>
<system.web>
<!-- DYNAMIC DEBUG COMPILATION
Set compilation debug="true" to insert debugging symbols (.pdb
information)
into the compiled page. Because this creates a larger file that
executes
more slowly, you should set this value to true only when
debugging and to
false at all other times. For more information, refer to the
documentation about
debugging ASP.NET files.
-->
<compilation defaultLanguage="vb" debug="true" />
<!-- CUSTOM ERROR MESSAGES
Set customErrors mode="On" or "RemoteOnly" to enable custom
error messages, "Off" to disable.
Add <error> tags for each of the errors you want to handle.
"On" Always display custom (friendly) messages.
"Off" Always display detailed ASP.NET error information.
"RemoteOnly" Display custom (friendly) messages only to users
not running
on the local Web server. This setting is recommended for
security purposes, so
that you do not display application detail information to
remote clients.
-->
<customErrors mode="Off" />
<!-- AUTHENTICATION
This section sets the authentication policies of the
application. Possible modes are "Windows",
"Forms", "Passport" and "None"
"None" No authentication is performed.
"Windows" IIS performs authentication (Basic, Digest, or
Integrated Windows) according to
its settings for the application. Anonymous access must be
disabled in IIS.
"Forms" You provide a custom form (Web page) for users to enter
their credentials, and then
you authenticate them in your application. A user credential
token is stored in a cookie.
"Passport" Authentication is performed via a centralized
authentication service provided
by Microsoft that offers a single logon and core profile
services for member sites.
-->
<authentication mode="Windows" />
<identity impersonate="true"/>
<!-- AUTHORIZATION
This section sets the authorization policies of the application.
You can allow or deny access
to application resources by user or role. Wildcards: "*" mean
everyone, "?" means anonymous
(unauthenticated) users.
-->
<authorization>
<allow users="*" /> <!-- Allow all users -->
<!-- <allow users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
<deny users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
-->
</authorization>
<!-- APPLICATION-LEVEL TRACE LOGGING
Application-level tracing enables trace log output for every
page within an application.
Set trace enabled="true" to enable application trace logging.
If pageOutput="true", the
trace information will be displayed at the bottom of each page.
Otherwise, you can view the
application trace log by browsing the "trace.axd" page from your
web application
root.
-->
<trace enabled="false" requestLimit="1000" pageOutput="true"
traceMode="SortByTime" localOnly="true" />
<!-- SESSION STATE SETTINGS
By default ASP.NET uses cookies to identify which requests
belong to a particular session.
If cookies are not available, a session can be tracked by adding
a session identifier to the URL.
To disable cookies, set sessionState cookieless="true".
-->
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data
source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="20"
/>
<!-- GLOBALIZATION
This section sets the globalization settings of the application.
-->
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
</system.web>
</configuration>
"Daniel Walzenbach" <da***************@newsgroup.nospam> wrote in message
news:Oj*************@TK2MSFTNGP09.phx.gbl... are your server in the same domain? can you post your web.config?
"et" <ea*************@yahoo.com> schrieb im Newsbeitrag
news:ew**************@TK2MSFTNGP10.phx.gbl...
I have an asp.net program that uses a connection string, using
integrated security to connect to a sql database. It runs fine on one
server, but the other server gives me the error that
"Login failed for user "NT AUTHORITY/ANONYMOUS LOGON". Why would this
be? There is no reason it should even be trying to login to using NT
Authority/Anonymous login. The IIS Server is set to turn off anonymous
logins, and use integrated security, and my program uses a connection
string with integrated security. And sometimes it does run, almost
like there's a contest between which logon the program is going to use
and in about five minutes it connects properly. But I have no idea why
it would be losing the connection string I have in the web.config. And
as I mentioned, it works fine on another server, the difference being
the other server forces the user to login first. I have one or two
forms, with several user controls that are loaded depending on what the
user selects.
Thanks for any assistance you can send my way.
re: So the identity impersonate needs to be there so we can connect to sql.
You should look a bit deeper into what impersonation is.
The *reason* you are impersonating is because the account which you have
designated ASP.NET to run under has login credentials to your sql database.
If one is an external web server (the one that works) and the one that doesn't
work is an internal web server, maybe you need to impersonate with one server,
but not with the other.
IOW, your SQL server ( which I assume is within your domain ) may be able to
grant login rights to your internal web server's account *without* needing to
impersonate a custom account which the external web server needs to authenticate.
You can't expect *both* servers ( internal and external )
to use the same authentication credentials.
Juan T. Llibre
ASP.NET MVP
http://asp.net.do/foros/
Foros de ASP.NET en Español
Ven, y hablemos de ASP.NET...
======================
"et" <ea*************@yahoo.com> wrote in message
news:O%****************@TK2MSFTNGP09.phx.gbl... Well, no that didn't work, now I get the error: Login failed; Reason not associated
with a trust sql server connection. So the identity impersonate needs to be there so we
can connect to sql.
"Daniel Walzenbach" <da***************@newsgroup.nospam> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl... why do you impersonate? In your configuration every user who wants to use your
application has to have file access (NTFS) on your application! This might be the
problem. This configuration also creates one connection pool per user which (I assume
by now) is nothing you really want.
Does this help?
Daniel
"et" <ea*************@yahoo.com> schrieb im Newsbeitrag
news:OI**************@tk2msftngp13.phx.gbl... Yes, servers are in the same domain, however one is an external web server (the one
that works) and the one that doesn't work is an internal web server. Below is the
web.config, obviously the change between servers being the server name and the
database name. Thanks so much for your help.
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
<section name="AppConfig" type="WebCommonVB.WebAppConfig, WebCommonVB" />
<section name="exceptionManagement"
type="Microsoft.ApplicationBlocks.ExceptionManagem ent.ExceptionManagerSectionHandler,
Microsoft.ApplicationBlocks.ExceptionManagement" />
</configSections>
<appSettings>
<add key="SQLConnectionString" value="Data Source=Server6;Initial
Catalog=Server6DB;Integrated Security=SSPI;Persist Security Info=False;Packet
Size=4096" />
</appSettings>
<system.web>
<!-- DYNAMIC DEBUG COMPILATION
Set compilation debug="true" to insert debugging symbols (.pdb information)
into the compiled page. Because this creates a larger file that executes
more slowly, you should set this value to true only when debugging and to
false at all other times. For more information, refer to the documentation
about
debugging ASP.NET files.
-->
<compilation defaultLanguage="vb" debug="true" />
<!-- CUSTOM ERROR MESSAGES
Set customErrors mode="On" or "RemoteOnly" to enable custom error messages,
"Off" to disable.
Add <error> tags for each of the errors you want to handle.
"On" Always display custom (friendly) messages.
"Off" Always display detailed ASP.NET error information.
"RemoteOnly" Display custom (friendly) messages only to users not running
on the local Web server. This setting is recommended for security purposes,
so
that you do not display application detail information to remote clients.
-->
<customErrors mode="Off" />
<!-- AUTHENTICATION
This section sets the authentication policies of the application. Possible
modes are "Windows",
"Forms", "Passport" and "None"
"None" No authentication is performed.
"Windows" IIS performs authentication (Basic, Digest, or Integrated Windows)
according to
its settings for the application. Anonymous access must be disabled in IIS.
"Forms" You provide a custom form (Web page) for users to enter their
credentials, and then
you authenticate them in your application. A user credential token is stored
in a cookie.
"Passport" Authentication is performed via a centralized authentication
service provided
by Microsoft that offers a single logon and core profile services for member
sites.
-->
<authentication mode="Windows" />
<identity impersonate="true"/>
<!-- AUTHORIZATION
This section sets the authorization policies of the application. You can
allow or deny access
to application resources by user or role. Wildcards: "*" mean everyone, "?"
means anonymous
(unauthenticated) users.
-->
<authorization>
<allow users="*" /> <!-- Allow all users -->
<!-- <allow users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
<deny users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
-->
</authorization>
<!-- APPLICATION-LEVEL TRACE LOGGING
Application-level tracing enables trace log output for every page within an
application.
Set trace enabled="true" to enable application trace logging. If
pageOutput="true", the
trace information will be displayed at the bottom of each page. Otherwise,
you can view the
application trace log by browsing the "trace.axd" page from your web
application
root.
-->
<trace enabled="false" requestLimit="1000" pageOutput="true" traceMode="SortByTime"
localOnly="true" />
<!-- SESSION STATE SETTINGS
By default ASP.NET uses cookies to identify which requests belong to a
particular session.
If cookies are not available, a session can be tracked by adding a session
identifier to the URL.
To disable cookies, set sessionState cookieless="true".
-->
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="20"
/>
<!-- GLOBALIZATION
This section sets the globalization settings of the application.
-->
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
</system.web>
</configuration>
"Daniel Walzenbach" <da***************@newsgroup.nospam> wrote in message
news:Oj*************@TK2MSFTNGP09.phx.gbl...
are your server in the same domain? can you post your web.config?
"et" <ea*************@yahoo.com> schrieb im Newsbeitrag
news:ew**************@TK2MSFTNGP10.phx.gbl...
>I have an asp.net program that uses a connection string, using integrated security to
>connect to a sql database. It runs fine on one server, but the other server gives me
>the error that
> "Login failed for user "NT AUTHORITY/ANONYMOUS LOGON". Why would this be? There is
> no reason it should even be trying to login to using NT Authority/Anonymous login.
> The IIS Server is set to turn off anonymous logins, and use integrated security, and
> my program uses a connection string with integrated security. And sometimes it does
> run, almost like there's a contest between which logon the program is going to use
> and in about five minutes it connects properly. But I have no idea why it would be
> losing the connection string I have in the web.config. And as I mentioned, it works
> fine on another server, the difference being the other server forces the user to
> login first. I have one or two forms, with several user controls that are loaded
> depending on what the user selects.
>
> Thanks for any assistance you can send my way.
>
>
>
>
That makes a lot of sense, I'll bet you've hit the nail on the head. I'll
keep you posted. Thanks so much!
"Juan T. Llibre" <no***********@nowhere.com> wrote in message
news:OA**************@TK2MSFTNGP12.phx.gbl... re: So the identity impersonate needs to be there so we can connect to sql.
You should look a bit deeper into what impersonation is.
The *reason* you are impersonating is because the account which you have
designated ASP.NET to run under has login credentials to your sql
database.
If one is an external web server (the one that works) and the one that
doesn't
work is an internal web server, maybe you need to impersonate with one
server,
but not with the other.
IOW, your SQL server ( which I assume is within your domain ) may be able
to
grant login rights to your internal web server's account *without* needing
to
impersonate a custom account which the external web server needs to
authenticate.
You can't expect *both* servers ( internal and external )
to use the same authentication credentials.
Juan T. Llibre
ASP.NET MVP
http://asp.net.do/foros/
Foros de ASP.NET en Español
Ven, y hablemos de ASP.NET...
======================
"et" <ea*************@yahoo.com> wrote in message
news:O%****************@TK2MSFTNGP09.phx.gbl... Well, no that didn't work, now I get the error: Login failed; Reason not
associated with a trust sql server connection. So the identity
impersonate needs to be there so we can connect to sql.
"Daniel Walzenbach" <da***************@newsgroup.nospam> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl... why do you impersonate? In your configuration every user who wants to
use your application has to have file access (NTFS) on your application!
This might be the problem. This configuration also creates one
connection pool per user which (I assume by now) is nothing you really
want.
Does this help?
Daniel
"et" <ea*************@yahoo.com> schrieb im Newsbeitrag
news:OI**************@tk2msftngp13.phx.gbl...
Yes, servers are in the same domain, however one is an external web
server (the one that works) and the one that doesn't work is an
internal web server. Below is the web.config, obviously the change
between servers being the server name and the database name. Thanks so
much for your help.
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
<section name="AppConfig" type="WebCommonVB.WebAppConfig, WebCommonVB"
/>
<section name="exceptionManagement"
type="Microsoft.ApplicationBlocks.ExceptionManagem ent.ExceptionManagerSectionHandler,
Microsoft.ApplicationBlocks.ExceptionManagement" />
</configSections>
<appSettings>
<add key="SQLConnectionString" value="Data Source=Server6;Initial
Catalog=Server6DB;Integrated Security=SSPI;Persist Security
Info=False;Packet Size=4096" />
</appSettings>
<system.web>
<!-- DYNAMIC DEBUG COMPILATION
Set compilation debug="true" to insert debugging symbols (.pdb
information)
into the compiled page. Because this creates a larger file
that executes
more slowly, you should set this value to true only when
debugging and to
false at all other times. For more information, refer to the
documentation about
debugging ASP.NET files.
-->
<compilation defaultLanguage="vb" debug="true" />
<!-- CUSTOM ERROR MESSAGES
Set customErrors mode="On" or "RemoteOnly" to enable custom
error messages, "Off" to disable.
Add <error> tags for each of the errors you want to handle.
"On" Always display custom (friendly) messages.
"Off" Always display detailed ASP.NET error information.
"RemoteOnly" Display custom (friendly) messages only to users
not running
on the local Web server. This setting is recommended for
security purposes, so
that you do not display application detail information to
remote clients.
-->
<customErrors mode="Off" />
<!-- AUTHENTICATION
This section sets the authentication policies of the
application. Possible modes are "Windows",
"Forms", "Passport" and "None"
"None" No authentication is performed.
"Windows" IIS performs authentication (Basic, Digest, or
Integrated Windows) according to
its settings for the application. Anonymous access must be
disabled in IIS.
"Forms" You provide a custom form (Web page) for users to
enter their credentials, and then
you authenticate them in your application. A user credential
token is stored in a cookie.
"Passport" Authentication is performed via a centralized
authentication service provided
by Microsoft that offers a single logon and core profile
services for member sites.
-->
<authentication mode="Windows" />
<identity impersonate="true"/>
<!-- AUTHORIZATION
This section sets the authorization policies of the
application. You can allow or deny access
to application resources by user or role. Wildcards: "*" mean
everyone, "?" means anonymous
(unauthenticated) users.
-->
<authorization>
<allow users="*" /> <!-- Allow all users -->
<!-- <allow users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
<deny users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
-->
</authorization>
<!-- APPLICATION-LEVEL TRACE LOGGING
Application-level tracing enables trace log output for every
page within an application.
Set trace enabled="true" to enable application trace logging.
If pageOutput="true", the
trace information will be displayed at the bottom of each
page. Otherwise, you can view the
application trace log by browsing the "trace.axd" page from
your web application
root.
-->
<trace enabled="false" requestLimit="1000" pageOutput="true"
traceMode="SortByTime" localOnly="true" />
<!-- SESSION STATE SETTINGS
By default ASP.NET uses cookies to identify which requests
belong to a particular session.
If cookies are not available, a session can be tracked by
adding a session identifier to the URL.
To disable cookies, set sessionState cookieless="true".
-->
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data
source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="20"
/>
<!-- GLOBALIZATION
This section sets the globalization settings of the
application.
-->
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
</system.web>
</configuration>
"Daniel Walzenbach" <da***************@newsgroup.nospam> wrote in
message news:Oj*************@TK2MSFTNGP09.phx.gbl...
> are your server in the same domain? can you post your web.config?
>
>
> "et" <ea*************@yahoo.com> schrieb im Newsbeitrag
> news:ew**************@TK2MSFTNGP10.phx.gbl...
>>I have an asp.net program that uses a connection string, using
>>integrated security to connect to a sql database. It runs fine on one
>>server, but the other server gives me the error that
>> "Login failed for user "NT AUTHORITY/ANONYMOUS LOGON". Why would
>> this be? There is no reason it should even be trying to login to
>> using NT Authority/Anonymous login. The IIS Server is set to turn off
>> anonymous logins, and use integrated security, and my program uses a
>> connection string with integrated security. And sometimes it does
>> run, almost like there's a contest between which logon the program is
>> going to use and in about five minutes it connects properly. But I
>> have no idea why it would be losing the connection string I have in
>> the web.config. And as I mentioned, it works fine on another server,
>> the difference being the other server forces the user to login first.
>> I have one or two forms, with several user controls that are loaded
>> depending on what the user selects.
>>
>> Thanks for any assistance you can send my way.
>>
>>
>>
>>
>
>
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: neilphan |
last post by:
Hi Guys,
Please HELP! I'm new to PHP and would like to get your professional
help!
I"m writing simple and small login app using php session variable. I
have 3 php scripts. The first is just a...
|
by: Maellic |
last post by:
Hi,
The website I am working on is built with ASP.NET and connects to a
SQL Server 2000 database. The web server and database are on the same
machine. I have recently tried to modify the timeout...
|
by: Beginner |
last post by:
I know this is an old question, but searching all over the internet plus
several MS security conferences, still haven't got a straight anwser.
Basically, the login.aspx is on one dedicated server...
|
by: Brian Henry |
last post by:
We have our windows forms login set up and working good, well it works at
least, just now we need a logout button, so when you click on it, the user
will be logged out of the authentication, how...
|
by: msnews.microsoft.com |
last post by:
I have been raking my brains on why this does not work. I get back the same
login screen again instead of the home page redirection which should occur
after a successful login:
'create a cookie...
|
by: =?Utf-8?B?UGFyYWcgR2Fpa3dhZA==?= |
last post by:
Hi All,
We have a requirement where we have to develop a custom Login Page which
will accept user's NT credentials ( Username , password, domain name).
This then needs to be passed to a website...
|
by: JodiPhillips |
last post by:
G'day,
I have a silly and simple problem that I need some guidance with.
Due to the way our network is set up, I am unable to use the group permissions for Access and have had to implement log...
|
by: cactuscrust |
last post by:
I'm running IIS6 Windows2003, and as you'll see very quickly.. I'm pretty new to this stuff.
Lately I've been getting bombarded with login attempts.... sometimes several in the same second, and it...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
| |
