By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
444,017 Members | 1,158 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 444,017 IT Pros & Developers. It's quick & easy.

client cannot access remote DB

P: n/a
Hi,

I'm completely stumped with an issue of authentication.

I have an ASP.net application which is supposed to retrieve data from a
remote database. It is supposed to access the database using the domain
credential of the user that is accessing the page.

When I access the aspx page from a client, it generates an error: "An error
has occured: Login failed for user '(null)'. Reason: Not associated with a
trusted SQL Server connection." When I access the aspx page on the IIS
server itself, the data is rendered correctly. The weird part is, after
opening the page on the IIS server, the client will be able to open the page
correctly for some time. I presume this has to do with application pooling
on the connection. After that, it goes back to the same old error until I
'open a channel' via the server again.

Tests have confirmed that local data access (putting a SQL server onto the
IIS server and retrieving data from there using the same settings as below)
poses absolutely no problem from either a client or the IIS server.

I have been testing with a domain user, whom is administrator on both the
client and the IIS server. I have no access to a domain admin account to do
esting.

Configuration:
IIS server: WS2003 SP1, IIS 6
DB server: SQL 2000 SP3
Client: XP SP2, IE 6 SP2

My current settings are:
1. Security on the virtual directory is set to Windows Integrated Security
only
2. web.config of the site has authentication mode="Windows" and indentity
impersonate="true"
3. The connectionstring in the aspx page uses integrated security=SSPI
4. The virtual directory has been set as an application, and the application
pool is set to DefaultAppPool
5. The identity of the DefaultAppPool is Network Service
6. machine.config processmodel user="SYSTEM"

Any help or insights is really appreciated.

Regards,
Roger.
question moved from microsoft.public.inetserver.asp.db to this newsgroup


Nov 19 '05 #1
Share this Question
Share on Google+
2 Replies


P: n/a
It is called the "double hop" issue with NTLM security.
Browser and IIS on the same computer, SQL on another = 1 hop, no problem.
Browser on one computer, IIS and SQL on the second = 1 hop, no problem.
Browser on one, IIS on second and SQL on third = 2 hops.
Test it with Basic Authentication rather than Windows Integrated and it
should work.
Do a Google on "double hop" +ASP.
"Roger" <rw******@optusnet.com.au> wrote in message
news:OH****************@TK2MSFTNGP12.phx.gbl...
Hi,

I'm completely stumped with an issue of authentication.

I have an ASP.net application which is supposed to retrieve data from a
remote database. It is supposed to access the database using the domain
credential of the user that is accessing the page.

When I access the aspx page from a client, it generates an error: "An
error has occured: Login failed for user '(null)'. Reason: Not associated
with a trusted SQL Server connection." When I access the aspx page on the
IIS server itself, the data is rendered correctly. The weird part is,
after opening the page on the IIS server, the client will be able to open
the page correctly for some time. I presume this has to do with
application pooling on the connection. After that, it goes back to the
same old error until I 'open a channel' via the server again.

Tests have confirmed that local data access (putting a SQL server onto the
IIS server and retrieving data from there using the same settings as
below) poses absolutely no problem from either a client or the IIS server.

I have been testing with a domain user, whom is administrator on both the
client and the IIS server. I have no access to a domain admin account to
do esting.

Configuration:
IIS server: WS2003 SP1, IIS 6
DB server: SQL 2000 SP3
Client: XP SP2, IE 6 SP2

My current settings are:
1. Security on the virtual directory is set to Windows Integrated Security
only
2. web.config of the site has authentication mode="Windows" and indentity
impersonate="true"
3. The connectionstring in the aspx page uses integrated security=SSPI
4. The virtual directory has been set as an application, and the
application pool is set to DefaultAppPool
5. The identity of the DefaultAppPool is Network Service
6. machine.config processmodel user="SYSTEM"

Any help or insights is really appreciated.

Regards,
Roger.
question moved from microsoft.public.inetserver.asp.db to this newsgroup



Nov 19 '05 #2

P: n/a
Roger wrote:
Hi,

I'm completely stumped with an issue of authentication.

I have an ASP.net application which is supposed to retrieve data from a
remote database. It is supposed to access the database using the domain
credential of the user that is accessing the page.

Hi Roger,

Does this article help?:

http://www.msdn.microsoft.com/msdnma...s/default.aspx

(Apologies if this doesn't display right - you may need to reassmeble
the link)

Damien

Nov 19 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.