We help IT Professionals succeed at work.


zachvaldez asked


Exception Details: System.Data.SqlClient.SqlException: Login failed for user 'SERVXJ-888777\ASPNET'.

Source Error:

Line 299:
Line 300:        ' Set a pointer to the data table
Line 301:        SqlDataAdapter1.Fill(AuthorsDataSet) >>>>> IT POINTS TO THIS LINE
Line 302:        dt = AuthorsDataSet.Tables("Authors")
Line 303:
Stack Trace:

[SqlException: Login failed for user 'SERVXJ-888777\ASPNET'.]
   System.Data.SqlClient.ConnectionPool.GetConnection(Boolean& isInTransaction)
   System.Data.SqlClient.SqlConnectionPoolManager.GetPooledConnection(SqlConnectionString options, Boolean& isInTransaction)
   System.Data.Common.DbDataAdapter.QuietOpen(IDbConnection connection, ConnectionState& originalState)
   System.Data.Common.DbDataAdapter.FillFromCommand(Object data, Int32 startRecord, Int32 maxRecords, String srcTable, IDbCommand command, CommandBehavior behavior)
   System.Data.Common.DbDataAdapter.Fill(DataSet dataSet, Int32 startRecord, Int32 maxRecords, String srcTable, IDbCommand command, CommandBehavior behavior)
   System.Data.Common.DbDataAdapter.Fill(DataSet dataSet)
   VSM072004.DataGridExample.BindDataGrid() in C:\HTTP\vsmag\vs0409\vs0409do\DataGridExample.aspx.vb:301
   VSM072004.DataGridExample.Page_Load(Object sender, EventArgs e) in C:\HTTP\vsmag\vs0409\vs0409do\DataGridExample.aspx.vb:174
   System.Web.UI.Control.OnLoad(EventArgs e)
Watch Question

It seems obvious but... The exception details seem to say it all
Login failed for user 'SERVXJ-888777\ASPNET'.

Take a look at your connection string and determine if the user and password you are using are valid credentials on Sql Server.

You need to give Read\Write Access to User: 'ComputerName\ASPNET' for your Database



HOW TO GIVE Read\Write Access to User: 'ComputerName\ASPNET' for your Database? Appreciate  it..
Go to SQL Enterprise Manager -> Your Server -> Your DataBase -> Users

Right Click 'Users' & Add New Database user
Login Name: & User Name: SERVXJ-888777\ASPNET (Give db_datareader & db_datawriter access atleast)


There is an easy way. If you can show me your connection string, i can tell you wht the problem is. But make sure you have, 'Trusted_Connection=true;' as part of your connection string, then you do not have to create an account for the ASPNET user
Although it will cause more work at the DB level, it is better to create a user account at the SQL Server (from a security standpoint).  This allows for you to explicitly assign permissions for the account being used by your connection string.  This way, if your application is comprimised, your DB is still a bit safer.

Your connection string probably has "Integrated Security=SSPI".  The best way to handle this is to do the following:

In Web.config add the following: <identity impersonate="true" />

When you do this, the code that is attempting to connect to the DB will do so under the account that is used to authenticate the request.  If you are allowing anonymous users to request pages, open your IIS admin utility, right click the website and show the Properties.  Select the Directory Security tab and click the Edit button for the first section, which is authentication for anonymous requests.  You'll see that a local account named IUSR_<machine  name> is set to authenticate anonymous reqeusts.  By putting the above tag in web.config, you are telling ASP.NET to use this account to authenticate the request.  If you do not have the above tag, the ASPNET account will be used.  Ideally, the ASPNET account should have as few privileges as possible, so it's best to leave it as it is unless absolutely necessary.  By using Integrated Security=SSPI in your connection string (which is a good idea), SQL Server is receiving its request under the context of either the ASPNET or the IUSR_... account, depending on whether or not you have the <identity> tag as described above.

The best way to address this issue is to create a domain or Active Directory account that will be used exclusively by IIS for authenticating anonymous reqeuests and then reset the IIS setting to use this new account.  Then add that account to your SQL Server Logins and add the login as a user on the database in question.  That will solve the database access issue.

The reason this is the best solution is that if you need to access shares on the network, all you have to do is grant that same account persmissions on the share(s) in question.  Granting local accounts (like ASPNET or the IUSR_<machine name> account) will lead to failures later on if you upgrade server machines.



Someone suggested about Trusted Connection to be added   hence  this connection string is:

workstation id=SERVXJ-888777;packet size=4096;integrated security=SSPI;data source="SERVXJ-888777\SERVXJ-888777";persist security info=False;initial catalog=pubs


what specific section in the web config this should  go..
In Web.config add the following: <identity impersonate="true" />


I stil get the error even if I add the user: 'SERVXJ-888777\ASPNET'.

Right after:

<authentication mode="Windows" />

If you have the ability to do so, you'll be far better off creating an account and resetting IIS to use it for anonymous auth, and the add it to the SQL Server.

If you put the tag above in web.config already, then you should add SERVXJ-888777\IUSR_SERVXJ-888777 and see if it works, as that is the default account for anonymous auth.



Adding the ASPNET user in the security plus other steps I'd never remembered magically run the project!!
Keep on hustling I guess!!