My setup
I have a winform application that connects to a local sql express db and does different operations (updates,inserts,deletes)
The sql express is local and i am using the following connection string (from app.config)
<connectionStrings>
<add name="SQLConnectionString" connectionString="Data Source=.\sqlexpress;Initial Catalog=database1;Integrated Security=SSPI" />
<!--<add name="SQLConnectionString" connectionString="" />-->
</connectionStrings>
My application is first authenticating the user when it logs on (via the database1...so it can connect to the DB)
I am also able to connect to the SQL management console without any issues. I see and able to change the tables from within the DB via the management console
I am getting the "The Login is from an Untrusted Domain and Cannot be used with Windows Authentication" when I am trying to do operations on the different tables
I have also tried to use the server name instead of the "." in the connection string to no avail.
In my application i am referencing the app.config file to get the connectionStrings
Most likely the issue is that ASP.NET is still set to the default of not passing along a security context. You should enable ASP.NET Impersonation Authentication by running the following from a command prompt:
appcmd set config /commit:WEBROOT /section:identity /impersonate:true
As far as the connection string goes, it should be fine. The difference between SSPI and True for the Integrated Security option is:
SSPI (Security Support Provider Interface) means use Windows Security if User ID and Password are absent, and use SQL Server security if they are present.
True means use Windows integrated security to log in to SQL Server, even if the connection string includes User ID and Password settings.
Since you are not specifying User ID and Password in your connection string, the SSPI and True values should effectively be the same.
Other areas to check if the above doesn't work:
The authentication account of the IIS service
The local security policy (based on the "The Login is from an Untrusted Domain" part).
Related
I have a DataBase in SQLSever. Into the webConfig file of my MVC project, when i configure the connectionString by giving the user and the password, it's correct:
<connectionStrings> <add name="jcConn" connectionString="Data Source=LAPTOP\MSSQLSERVERAXVAL;Initial Catalog=bd_school;Persist Security Info=True;User ID=sa;Password=namin"/> </connectionStrings>
But I dont want to specify the user and the password. So by trying to do this, it doesn't work:
<add name="jcConn" connectionString="Data Source=LAPTOP\MSSQLSERVERAXVAL;Initial Catalog=bd_school;Integrated Security=True;" providerName="System.Data.SqlClient" />
How can i do that ?
Thank you.
First: Does the user you're logged in as have access to the database you're trying to connect to? If you're running in IIS express then that's the user you're logged into the machine with and if you're hosting in IIS then the user the application pool is running as (assuming you're not impersonating).
Secondly: Integrated Security=true;
If you do not want to put your SQL User Id and Password in connection string then you must use Windows Authentication to login in SQL. And use your Database in Windows user in SQL. use this
Integrated Security=true;
If you use SQL login, then you need to specify the username and password in your connection string.
If you don't want that, you need to use Windows Authentication. Check this answer in that case.
I have the following EF and Local DB connection strings
<connectionStrings>
<add name="DefaultConnection" connectionString="Data Source=(LocalDb)\v11.0;AttachDbFilename=|DataDirectory|\DirectTrustIssuerBilling.mdf;Initial Catalog=DirectTrustIssuerBilling;Integrated Security=True" providerName="System.Data.SqlClient" />
<add name="PaymentsModel" connectionString="metadata=res://*/Data.PaymentsModel.csdl|res://*/Data.PaymentsModel.ssdl|res://*/Data.PaymentsModel.msl;provider=System.Data.SqlClient;provider connection string="data source=(LocalDb)\v11.0;attachdbfilename=|DataDirectory|\DirectTrustIssuerBilling.mdf;initial catalog=DirectTrustIssuerBilling;integrated security=True;MultipleActiveResultSets=True;App=EntityFramework"" providerName="System.Data.EntityClient" />
</connectionStrings>
I've already created the server and database in the azure portal. Also I found connection strings in the portal for ADO.NET and others.
Question
If I don't care about the data, already configured the firewall, and just want to change my connection strings so that this on premise app will work in the cloud, what must I do?
If I want to save this password in App Settings (in the portal), or key vault, how would I do this?
If you're already using EF6.x, then there's nothing to do other than change your connection strings. TO find the connection string that you need to use that's already formatted, go to your Azure SQL management blade in the portal. On the overview tab, there will be a link that reads "Show database connection strings". This will give you what you need to replace in your web.config.
Note that EF 6.x already has retry logic built in to handle any transient failure you may experience connecting to an Azure SQL instance.
If you would rather save your connection string (with password) in the portal, navigate to your web app's management blade, and choose the "Application Settings" menu option under the Settings heading. You can enter your connection strings here. App settings and connection strings defined in the portal will override whatever is specified in your web.config for your app.
I am trying to retrieve data from an SQL Server database table in my MVC application. I have the following connection string:
<add name="EmployeeContext" connectionString="Data Source=localhost;Initial Catalog=SampleHR;Integrated Security=True"
providerName="System.Data.SqlClient"/>
But this gives me the following error:
Cannot open database "SampleHR" requested by the login. The login failed.
Login failed for user 'IIS APPPOOL\DefaultAppPool'.
On this line in my ActionResult code:
Employee empPersonal = epcontext.Employees.Single(emp => emp.EmployeeID == eid);
I tried the following two connection string:
<!-- <add name="Employee_PersonalContext" connectionString ="server=MANASI-HP\MSSQLSERVER; database=SampleHR; integrated security=SSPI;"
providerName="System.Data.SqlClient"/> -->
<!-- <add name="Employee_PersonalContext" connectionString ="server=MANASI-HP\MSSQLSERVER; database=SampleHR; username=dbo; password=;"
providerName="System.Data.SqlClient"/> -->
But these two gave me the error: "The underlying provider failed to open."
I have SQL Server 2012, with Windows Authentication. I ran the query "select CURRENT_USER" and got the username "dbo". I have not set any password and I am using Windows Authentication. I am also running the application on IIS server.
What could be the problem? Please let me know if I have to add any code here.
Edit: I went to project properties and changed the server to SQL Server instead of IIS and it works with this connection string:
<add name="EmployeeContext" connectionString="Data Source=localhost;Initial Catalog=SampleHR;Integrated Security=True;User ID=IIS APPPOOL\DefaultAppPool;Password="
providerName="System.Data.SqlClient"/>
but not with this one:
<add name="MvcDemoConnectionString" connectionString="Server=MANASI-HP;Database=SampleHR;Integrated Security=true"
providerName="System.Data.SqlClient"/>
I am confused.. :(
Edit 2 (11th Nov): I did not make any changes to IIS Manager right before I started with the MVC application in .NET. Just followed the instructions in the tutorial. I found this page about IIS.
IIS Data Source Settings
Do I need to do any of these things before I start building my application on IIS?
Dec 5th 2015:
I followed the instructions on these two pages:
ASP.NET Web Deployment
and
Deploy Database with IIS
Still not working.
If you are running the app in IIS and your connection string uses integrated security, the user it is going to use is whatever the app pool is running as. You can either change the user the app pool is running as, or provide the username and password for the windows authentication user you want to use in your connection string (something like Data Source=localhost;Initial Catalog=SampleHR;Integrated Security=True;User ID=username;Password=password
Look like you have hosted application in IIS and allow anonymous access, and your connecting string accepting windows authenticated user.
Whenever you have this type of setting in place, I'll recommend to run IIS application pool under service account instead of AppPoolIdentity, and make sure your SQL Server allow service account user.
For testing go to Application Pool -> advance settings -> and change 'Identity' with you network/windows credential. if your account have access to sql server your problem will be solve for a moment.
Note: I'll not recommend to keep running your application under personal account. Because once you change your password you have to change the App pool Identity again.
If you don't change, each app pool has it's own identity. In your case, just add a new user to your database SampleHR with the name IIS APPPOOL\MyAppPool using SQL Management Studio. You find the users list in the "Security/Users" subnode of your database.
I just had to grant the user permissions in SSMS. I just went back to default settings in ISS, granted permission to the user in SSMS, and that was it.
Does anyone have any other solution?
I'm working on an MVC application which uses ObjectContext (not DbContext) with EDMX file. As we know ObjectContext connection string is quite different from regular ADO.NET connection string. Here is the connection string I see in the application
<add name="AuthorEntities" connectionString="metadata=res://*/Models.AuthorEntities.csdl|res://*/Models.AuthorEntities.ssdl|res://*/Models.AuthorEntities.msl;provider=System.Data.SqlClient;provider connection string="Data Source=ServerAddress;database=Author;user id=sa;password=Pass121212;Trusted_Connection=no;Integrated Security=True"" providerName="System.Data.EntityClient" />
This connection string works locally very well but when I deploy the application on production machine. This displays an error:
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
I double checked all my credentials used here but nothing helps. I'm not using any kind of Impersonation settings in config file. By any chance if you faced/know this issue, please help.
user id=sa;password=Pass121212; ... Integrated Security=True
You are using integrated security (uses current Windows login for authentication) so the username and password here are ignored. You should either change this setting or ensure that your application is running as a user that can access the database.
Am stock in this a error, some help will be ok.
Am trying to deploy an MVC5 Application to a localhost IIS and after deploying to the system and i have created a database in the system with the same on the application web.config but i figure that when i try to lunch it am having this Error
Format of the initialization string does not conform to specification starting at index 0.
and i did some research and find out that it is from my Connection string and i have tried every thing possible but it is still throwing the same error please some help...
When the application is run on the development machine with .\SQLEXPRESS it works fine so can i make it work on the hosted system.
this is the connection string for the System am trying to host
<connectionStrings>
<add name="DefaultConnection" connectionString="Data Source=10.0.226.25\SQLEXPRESS;Initial Catalog=NNPCUsersDB; user id=Administrator;password=****; Integrated Security=false" providerName="System.Data.SqlClient" />
<add name="NNPCDeportContext" connectionString="data source=10.0.226.25\SQLEXPRESS;initial catalog=NNPCResourcesDB; user id=Administrator;password=****; Integrated Security=false" providerName="System.Data.SqlClient" />
or should i use
source=PPMCW44016\SQLEXPRESS;
that is the system SQL Server name
The integrated security=true and user id/password specifications are mutual exclusive. The user id/password is only for SQL authentication so you should specify integrated security=false in that case.
You cannot specify ad-hoc Windows credentials in the connection string. Assuming identity impersonate=true, specify integrated security=true without user id/password for Windows authentication using the application pool account.