SQL Server 2008 | Remote Connection String

feesu
feesu used Ask the Experts™
on
Hi experts,

I have an SQL server 2008 on a remote server that I want to connect my local ASP.NET website to.
I copied the same local database files from my local SQL server 2005 to the remote SQL server 2008 and attached them.
The remote SQL server 2008 is on windows authentication while the local is on mixed.
I have the IP, but I am getting an error using the below connection string:

<add name="SiteSqlServer" connectionString="Server=<ip address>;Database=AIIIP;Trusted_Connection=Yes;" providerName="System.Data.SqlClient" />

1.      Is there any additional thing that I missed?
2.      Is it recommended that I user windows authentication on an sql sever that is being used for a website?

Thanks,
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Guy Hengel [angelIII / a3]Billing Engineer
Most Valuable Expert 2014
Top Expert 2009

Commented:
what error do you get?
you may need to specify the port.
is the windows account created in the remote sql server in the logins?
apart from that, see this article to start troubleshooting
http://www.experts-exchange.com/Database/MS-SQL-Server/A_1881-Connect-to-your-SQL-Server.html

Author

Commented:
first of all, the remote server is within our network so it's the same domain.

the error says login failed for "domain/user".

do i need to give permissions to my user on that server? but then when i migrate my local website to the actual webserver, i will need to give permission to the webserver's user on the sql server machine! is that ok from a website security perspective? what's the best practice?
Billing Engineer
Most Valuable Expert 2014
Top Expert 2009
Commented:
>do i need to give permissions to my user on that server?
yes. "windows authentication" will not implicitly create logins in your sql server for "all" windows accounts. that would be not secure at all, as how should sql server know what permissions the windows account should have?

the only "secure" point about is that the password is not stored by sql server, but by the windows domain.

so, if you are in the context of a web server, unless all users are inside the domain, so that you will be able to use indeed the windows authentication even directly from the web page, you will need to created the web service's login the permissions on the sql server

Author

Commented:
you mean the web services' login will allow the sql server permission for the website whether it runs on my local PC or on another server?
Guy Hengel [angelIII / a3]Billing Engineer
Most Valuable Expert 2014
Top Expert 2009
Commented:
if both web services use the same login, yes
this is a nice article about setting up IIS and SQL Server in terms of logins/security:
http://www.codeproject.com/Articles/674930/Configuring-IIS-ASP-NET-and-SQL-Server

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial