SQL Server 2000 + ASP.NET: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'

I simply moved a growth workstation

  • FROM: Windows XP Pro SP3 with IIS 6
  • TO: Vista Enterprise 64bit with IIS 7

Since the action, among my web pages that accesses an SQL Server 2000 data source is obtaining the adhering to mistake from my ASP.NET 2.0 website: "Login fell short for customer 'NT AUTHORITYbkslshANONYMOUS LOGON'. "

I have:

  • made it possible for Windows Authentication in IIS and also web.config
  • impaired Anonymous Authentication in IIS
  • set up Impersonation to run as the confirmed customer
  • validated that the visited customer (in this instance, me) has accessibility to the ideal data source on the SQL Server
  • validated that my login and also acting details is proper in the ASP.NET web page by examining User.Identity.Name and also System.Security.Principal.WindowsIdentity.GetCurrent().Name (both present my username)

My link string making use of SqlConnection is "Server = SERVER_NAME ;Database = DB_NAME ;Integrated Security = SSPI ;Trusted_Connection = True ;"

Why is it attempting to login with NT AUTHORITYbkslshANONYMOUS LOGIN? I need to think it is some setup or web.config access details to IIS7 given that it functioned penalty prior to the movement.

KEEP IN MIND: The SQL Server is Windows authentication just - no combined setting or SQL just.

2022-06-07 15:17:32
Source Share
Answers: 4

I recognize its a litlle late reply, yet I additionally stumbled right into the very same trouble and also settled this. Idea to show to you all.

I can recognize why you might not intend to present SQL authentication as customer might not remain in favour of that.

To make Windows Authentication to function, you might folow adhering to actions:

1) In web.config define authentication to windows

2) In web.config Impersonate identification to real

3) Create a new domain name digital customer for the application, claim abc @mydomain.com, with some password

4) In the acting area, define this userid and also password

5) In IIS, remove confidential accessibility and also examine incorporated windows authentication

6) Provide accessibility to this new customer accessibility to IIS metabase making use of aspnet_regiis - ga "mydomainbkslshusername"

7) Provide accessibility to this customer accessibility to physical directory of your digital directory. You will certainly require to add this customer there.

8) Note that if your application is contacting some log documents, you will certainly additionally require to give 'write' civil liberties too

9) Note that if your application is accessing some data source with implementation of some saved procs, you will certainly require to add this customer to sql server logins with dbowner right to the application data source.

Additionally, you might not intend to come under the security catch by giving accessibility to NT Authority/Anonymous Logon, so in this instance developing your very own application customer will certainly aid.

I wish it aids and also if it does demand you to make this as 'Answer'

2022-06-08 14:36:49

Did you attempt editing and enhancing the application swimming pool and also transforming the Managed Pipeline Mode to Classic as opposed to Integrated?

It could be connected to breaking changes in IIS7 for ASP.Net 2.0 applications.

2022-06-07 15:55:07

Looks to me like constricted delegation is not made it possible for: Configuring Servers for Delegation.

2022-06-07 15:51:07

Maybe add neighborhood network solution account to the data source on SQL.

Hope it aids.

2022-06-07 15:50:57