Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON' - .NET/IIS/SQL 2000

Posted on 2003-03-13
Medium Priority
Last Modified: 2007-12-19
The error is received by web client under the following config:

Webserver: W2K / .NET / IIS
-  IIS is using Integrated Windows authentication and the server itself resides on our domain.
-  ConnectionString = "server=<ourdbserver>;Trusted_Connection=true;database=<ourdb>;"
-  web.config has a <identity impersonate="true" /> tag

DB Server: W2K / SQL 2000
- The DB has the domain accounts defined as SQL Logins with the appropriate permissions to the DB.

These servers are physically 2 separate machines, both on the same windows domain.  We've tried many different combinations of config settings.  It appears that IIS is not passing the logon credentials to the SQL box.  We tried adding a "Persist Security Info=true" into the connection string without any success.  We also tried added the domain accounts onto the SQL Server's local Administrators group without any success.  Every posting I've seen suggests using Anonymous authentication; but this is an enterprise app that must use NTLM.

How do you get Windows Integrated security to work with IIS/.NET/SQL2000 across multiple servers???
We only have 75 points to offer but this is very important!!!!
Question by:hzhkx4
LVL 10

Accepted Solution

AndresM earned 300 total points
ID: 8131656
>It appears that IIS is not passing the logon credentials to the SQL box
That's the probem. NTLM at IIS does not support "AuthenticationPassThrough". You should set Basic Authentication in IIS in order to let the password pass through.
See INF: Authentication Methods for Connections to SQL Server in Active Server Pages.

This is another option, but unsupported:
UNCAuthenticationPassThrough Support Limitation in IIS 5.0
Enabling Pass-through-authentication for IIS 4 and IIS 5


Expert Comment

ID: 8135232
I recommended to use the digest authentication if you be in a intranet environnement. So the user password will not be send in clear text over your network.

Note that this authentication method work only with IE and only since IE 5.5

Author Comment

ID: 8137822
Thanks the articles really helped.  The answer is integrated won't work with multiple servers.  Only basic/anonymous will.  

The other pass through options aren't supported, and therefore really aren't feasible.  

Also this app is for use on the Intranet and Internet, so the Digest auth wouldn't work.

I still don't understand though why IIS won't support integrated security to another box?  Especially when both are on the same domain.


Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
The Relationships Diagram is a good way to get an overall view of what a database is keeping track of. It is also where relationships are defined. A relationship specifies how two tables connect to each other. As you build tables in Microsoft Ac…
Suggested Courses

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question