468,168 Members | 1,546 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,168 developers. It's quick & easy.

Database Connection - Not Associated With Trusted Connection

I have a test server and a development machine. I have SQL Server installed
on both, the installations are pretty much identical. Both servers are in
the same domain. When I run my application locally, I can connect to the
local sql server as well as the sql server on the test server. The IIS
settings on both the test server and local machine are the same (anon
disabled, use integrated windows auth). Identity impersonate is on in
web.config.

When I run the application on the test server, I can connect to the test
server with the following connection string:
"server=testing;trusted_connection=yes;". However, when I point it to my
local machine ("server=mymachine;trusted_connection=yes;") I get the "Login
failed for user '(null)'. Reason: Not associated with a trusted SQL Server
connection." error.

Using the same two connection strings on my local machine work fine. The
only difference I know of is...the test machine is a child domain
(test.mydomain) while my local machine is under the primary domain
(mydomain). I can connect to it locally, but it can't seem to pass the
credentials from the test machine to my local machine...it sees it (can see
it using SQLBrowseConnect api function) and can connect to it using SQL
Query Analyzer using windows authentication through Terminal Services, but
it just doesn't work using ASP.Net :(

Can anyone help?

Thanks,
Mythran

Nov 19 '05 #1
5 1622
I'm trying to keep track of the machine and network hops involved, but
it sounds like you are facing the dreaded double hop issue trying to
impersonate the user.

If you must carry the client's identity all the way to the database,
you'll need to use delegation. I have pointers here:
http://odetocode.com/blogs/scott/arc...2/24/1053.aspx

If you don't need to client's identity there are easier options
available...

--
Scott
http://www.OdeToCode.com/blogs/scott/

On Tue, 4 Oct 2005 16:37:03 -0700, "Mythran"
<ki********@hotmail.comREMOVETRAIL> wrote:
I have a test server and a development machine. I have SQL Server installed
on both, the installations are pretty much identical. Both servers are in
the same domain. When I run my application locally, I can connect to the
local sql server as well as the sql server on the test server. The IIS
settings on both the test server and local machine are the same (anon
disabled, use integrated windows auth). Identity impersonate is on in
web.config.

When I run the application on the test server, I can connect to the test
server with the following connection string:
"server=testing;trusted_connection=yes;". However, when I point it to my
local machine ("server=mymachine;trusted_connection=yes;") I get the "Login
failed for user '(null)'. Reason: Not associated with a trusted SQL Server
connection." error.

Using the same two connection strings on my local machine work fine. The
only difference I know of is...the test machine is a child domain
(test.mydomain) while my local machine is under the primary domain
(mydomain). I can connect to it locally, but it can't seem to pass the
credentials from the test machine to my local machine...it sees it (can see
it using SQLBrowseConnect api function) and can connect to it using SQL
Query Analyzer using windows authentication through Terminal Services, but
it just doesn't work using ASP.Net :(

Can anyone help?

Thanks,
Mythran


Nov 19 '05 #2
Well i had the same issue once and what i did was to imperosnate the user in
webconfig with adding the username
and the password.
I guess it wasn't the best idea but it solved the problem
Patrick

"Scott Allen" <sc***@nospam.odetocode.com> wrote in message
news:mk********************************@4ax.com...
I'm trying to keep track of the machine and network hops involved, but
it sounds like you are facing the dreaded double hop issue trying to
impersonate the user.

If you must carry the client's identity all the way to the database,
you'll need to use delegation. I have pointers here:
http://odetocode.com/blogs/scott/arc...2/24/1053.aspx

If you don't need to client's identity there are easier options
available...

--
Scott
http://www.OdeToCode.com/blogs/scott/

On Tue, 4 Oct 2005 16:37:03 -0700, "Mythran"
<ki********@hotmail.comREMOVETRAIL> wrote:
I have a test server and a development machine. I have SQL Server installedon both, the installations are pretty much identical. Both servers are inthe same domain. When I run my application locally, I can connect to the
local sql server as well as the sql server on the test server. The IIS
settings on both the test server and local machine are the same (anon
disabled, use integrated windows auth). Identity impersonate is on in
web.config.

When I run the application on the test server, I can connect to the test
server with the following connection string:
"server=testing;trusted_connection=yes;". However, when I point it to my
local machine ("server=mymachine;trusted_connection=yes;") I get the "Loginfailed for user '(null)'. Reason: Not associated with a trusted SQL Serverconnection." error.

Using the same two connection strings on my local machine work fine. The
only difference I know of is...the test machine is a child domain
(test.mydomain) while my local machine is under the primary domain
(mydomain). I can connect to it locally, but it can't seem to pass the
credentials from the test machine to my local machine...it sees it (can seeit using SQLBrowseConnect api function) and can connect to it using SQL
Query Analyzer using windows authentication through Terminal Services, butit just doesn't work using ASP.Net :(

Can anyone help?

Thanks,
Mythran

Nov 19 '05 #3
If your requirements allow you to use a fixed identity that solution
works well and is very simple, yes.
--
Scott
http://www.OdeToCode.com/blogs/scott/

On Wed, 5 Oct 2005 14:47:25 +1000, "Patirck Ige"
<na********@hotmail.com> wrote:
Well i had the same issue once and what i did was to imperosnate the user in
webconfig with adding the username
and the password.
I guess it wasn't the best idea but it solved the problem
Patrick


Nov 19 '05 #4
if your site is impersonating the users creditials, asp.net only supports
trusted connections to a local sqlserver (same box), unless you are using
kerberos and enable credital forwarding.

if you can use a fixed account, then specify the userName and password in
the web.config.

-- bruce (sqlwork.com)
"Mythran" <ki********@hotmail.comREMOVETRAIL> wrote in message
news:OH**************@tk2msftngp13.phx.gbl...
I have a test server and a development machine. I have SQL Server
installed on both, the installations are pretty much identical. Both
servers are in the same domain. When I run my application locally, I can
connect to the local sql server as well as the sql server on the test
server. The IIS settings on both the test server and local machine are the
same (anon disabled, use integrated windows auth). Identity impersonate is
on in web.config.

When I run the application on the test server, I can connect to the test
server with the following connection string:
"server=testing;trusted_connection=yes;". However, when I point it to my
local machine ("server=mymachine;trusted_connection=yes;") I get the
"Login failed for user '(null)'. Reason: Not associated with a trusted SQL
Server connection." error.

Using the same two connection strings on my local machine work fine. The
only difference I know of is...the test machine is a child domain
(test.mydomain) while my local machine is under the primary domain
(mydomain). I can connect to it locally, but it can't seem to pass the
credentials from the test machine to my local machine...it sees it (can
see it using SQLBrowseConnect api function) and can connect to it using
SQL Query Analyzer using windows authentication through Terminal Services,
but it just doesn't work using ASP.Net :(

Can anyone help?

Thanks,
Mythran

Nov 19 '05 #5

"Bruce Barker" <br******************@safeco.com> wrote in message
news:%2****************@TK2MSFTNGP09.phx.gbl...
if your site is impersonating the users creditials, asp.net only supports
trusted connections to a local sqlserver (same box), unless you are using
kerberos and enable credital forwarding.

if you can use a fixed account, then specify the userName and password in
the web.config.

-- bruce (sqlwork.com)


Yes, I have used fixed accounts in connection strings before. But I was
just trying to get it to work with windows authentication...but I see that I
have to enable Kerberos and that will take some thought and planning...

Thanks ;)

Mythran

Nov 19 '05 #6

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

7 posts views Thread by Ray Valenti | last post: by
2 posts views Thread by =?Utf-8?B?SmVmZnJleQ==?= | last post: by
reply views Thread by kamranasdasdas | last post: by
reply views Thread by gcreed | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.