Clever Geek Handbook

Connecting to SQL with ANONYMOUS LOGON since switching to IIS7

I recently upgraded my computer to Vista which means it includes IIS7. The problem is that the ASP.NET site we are working on is no longer working. I am getting the error because the application is trying to connect to SQL Server using NT AUTHORITY / ANONYMOUS LOGON instead of my domain user and anonymous is not allowed. I have tried several things, but no solution yet: - install and enable "IIS Metabase and IIS 6 configuration compatibility", - enable Windows authentication for this website - created another application pool with managed pipeline mode set to Classic - compatibility with IIS6 WMI and IIS6 Management Console (despair here)

Our web.config also has our machine.config. I tried to impersonate false and enter my domain user and password in machine.config (it did) but that didn't help either.

Are there things I am missing? Has anyone else had a similar problem?

0


source to share


4 answers


I believe I have found a solution. At least it works now. This is what I did:

  • The website is now running in a separate application pool with Managed Pipeline mode set to classic mode, Load userprofile set to False and Identity set to username and using the user (and password) of the domain that has access to the database.
  • In the "authorization" section of the website itself, I have anonymous dialing enabled, and ASP.NET pretended to be disabled.
  • in the site's web.config is also set.


Credit owed this site helped me.

+1


source


How is your application authenticated with SQL Server? Does it use SQL or Windows Auth? I hope you are trying to use Windows Auth. In this case, your IIS worker process must be running under a Windows user account. Otherwise, it must at least impersonate a Windows user account that has the required access rights to SQL Server. If you are using impersonation, and if you are using the correct Windows user account, and if SQL Server is authenticating using Windows auth, and if you still cannot access SQL Server, you might run into the classic double timeout problem. In other words, you are trying to authenticate with IIS once,and you are using the same crdentials to authenticate to SQL Server on the next network (which is your second break) and Windows does not allow this for security reasons.



+1


source


I am sorry that I can no longer consider this issue. In fact, it probably has something to do with the way we connected to SQL Server (Win Auth), because now we have changed it. Now we connect with username and password in the connection string and solve. So I can't tell if you provided msvcyc's answer, but I voted your solution. Thanks for the time and problems.

0


source


Well, I recommend that you switch to integrated mode, if not too much of a challenge, to enjoy the innovation it brings. :)

http://mvolo.com/blogs/serverside/archive/2007/12/08/IIS-7.0-Breaking-Changes-ASP.NET-2.0-applications-Integrated-mode.aspx

0


source






More articles:


All Articles