Link to home
Start Free TrialLog in
Avatar of deNZity
deNZity

asked on

Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.

I get the following error when a user tries to logon from work station.
The website is hosted on IIS on the same server as sql server 2005
website is asp.net 2.0

SqlException (0x80131904): Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.]
   System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) +734883
   System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) +188
   System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) +1838
   System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK) +33
   System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance) +628
   System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance) +170
   System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection) +359
   System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnection owningConnection, DbConnectionPool pool, DbConnectionOptions options) +28
   System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject) +424
   System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject) +66
   System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject) +496
   System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection) +82
   System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory) +105
   System.Data.SqlClient.SqlConnection.Open() +111
   System.Web.DataAccess.SqlConnectionHolder.Open(HttpContext context, Boolean revertImpersonate) +84
   System.Web.DataAccess.SqlConnectionHelper.GetConnection(String connectionString, Boolean revertImpersonation) +197
   System.Web.Security.SqlMembershipProvider.GetPasswordWithFormat(String username, Boolean updateLastLoginActivityDate, Int32& status, String& password, Int32& passwordFormat, String& passwordSalt, Int32& failedPasswordAttemptCount, Int32& failedPasswordAnswerAttemptCount, Boolean& isApproved, DateTime& lastLoginDate, DateTime& lastActivityDate) +1121
   System.Web.Security.SqlMembershipProvider.CheckPassword(String username, String password, Boolean updateLastLoginActivityDate, Boolean failIfNotApproved, String& salt, Int32& passwordFormat) +105
   System.Web.Security.SqlMembershipProvider.CheckPassword(String username, String password, Boolean updateLastLoginActivityDate, Boolean failIfNotApproved) +42
   System.Web.Security.SqlMembershipProvider.ValidateUser(String username, String password) +83
   System.Web.UI.WebControls.Login.OnAuthenticate(AuthenticateEventArgs e) +160
   System.Web.UI.WebControls.Login.AttemptLogin() +105
   System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e) +99
   System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +35
   System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e) +115
   System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +163
   System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +7
   System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +11
   System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +5102
Avatar of Guy Hengel [angelIII / a3]
Guy Hengel [angelIII / a3]
Flag of Luxembourg image
this means
* that IIS is configured to allow anonymeous access and/or does not configure to use windows authenication
* that the (asp.net) page connects using windows authentication, but eventually you also need to grant the mentioned login in sql server the permission (if you keep the anonymeous access configured)
Avatar of deNZity
deNZity

ASKER

thanks for the reply, I want to be able to use the NetworkService account.

"In Internet Information Services (IIS) 6, the default identity is the NetworkService account."

How do I go about setting this up so the website and sql server 2005 allow the NetworkService user?
Avatar of furi2
furi2
Go to the property of your site in IIS -> Directory Security Tab -> Edit 'Anoymous....' -> Check 'Integrated Windows Authentication'

Start SQL management studio -> select DB -> Security -> Logins
And add the user account that access that you need, and give the permission to access your DB.
Avatar of deNZity
deNZity

ASKER

furi2, that has already been done.
Avatar of Rejojohny
Rejojohny
Flag of United States of America image
do u mean that you have already removed the anonymous acess?

Rejo
Avatar of Rejojohny
Rejojohny
Flag of United States of America image
is your sql server also setup for mixed mode authentication or windows authentication? if windows authentication, what is the domain under which it runs? do u also have <identity impersonate="true"/> in web.config file of the website?
Avatar of deNZity
deNZity

ASKER

Hi Rejojohny,
I have this website operating on the same server as the database(IIS, SQL 2005 )

Both the database and the website need to be moved to a new server.
I setup IIS on new server and deployed site using visual studio.
I then backed up the database and copied .BAK file to sql server and restored db
using sql management studioAll the settings are the same yet I get the error?
Avatar of harperse
harperse
Flag of United States of America image
Using Network Service really isn't an option here, as the Network Service account impersonates the machine account of the server which the request leaves.  Create a domain account, grant it NTFS rights to your data, and run your application pool with that account.  Then grant that account access to your database.

Best of luck,
harperse
Avatar of deNZity
deNZity

ASKER

Thankyou for the replies, The problem was in one of the connection strings used on the site.
I had changed all but one of the strings to reflect the change of server name.
Once this string was changed as well then everything worked ok.
ASKER CERTIFIED SOLUTION
Avatar of Computer101
Computer101
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial