IIS and SQL Server 2000 Windows Authentication

John Barr · Sep 3, 2008

We have asp.net application setup using Windows Authentication. For the
website, under directory security the only thing checked is "Windows
Authentication". We have the users specified in SQL who have rights to
connect...etc. In the Web.Config, it is specified as Integrated
Security=true. However, when the user goes to the site, an error message is
displayed saying Login attempt failed for (Our Domain Name)\(Our Web
Application Server Name)$ . I have a couple of issues here...

1. Why is it attempting to logon with this account?

2. The domain Machine name doesnt have a $ on it, so why is it showing that
way?

3. Is this some internal naming for a windows account?

Bob Barrows [MVP] · Sep 3, 2008

John said:
We have asp.net

There was no way for you to know it (except maybe by browsing through
some of the previous questions before posting yours - always a
recommended practice), but this is a classic (COM-based) asp newsgroup.
ASP.Net is a different technology from classic ASP. While you may be
lucky enough to find a dotnet-savvy person here who can answer your
question, you can eliminate the luck factor by posting your question to
a newsgroup where the dotnet-savvy people hang out. I suggest

microsoft.public.dotnet.framework.aspnet.

There are also forums at www.asp.net where you can find a lot of people
to help you.

HTH,
Bob Barrows

Anthony Jones · Sep 4, 2008

John Barr said:
We have asp.net application setup using Windows Authentication. For the
website, under directory security the only thing checked is "Windows
Authentication". We have the users specified in SQL who have rights to
connect...etc. In the Web.Config, it is specified as Integrated
Security=true. However, when the user goes to the site, an error message
is
displayed saying Login attempt failed for (Our Domain Name)\(Our Web
Application Server Name)$ . I have a couple of issues here...

1. Why is it attempting to logon with this account?

Because you haven't specified:-

<identity impersonate="true" />

in the <system.web> section.

The authenticated user is purely a .NET IPrinicple and does not impact the
security token that the thread runs as.
In order for an integrated security to pass through to a SQL connection the
thread needs to impersonate the windows account of the the user. The above
entry causes that to happen.

2. The domain Machine name doesnt have a $ on it, so why is it showing
that
way?

It is a bit strange but it will the machine account that is trying to access
the SQL server because the default identity on the process will be NETWORK
SERVICE

3. Is this some internal naming for a windows account?

Yes but I don't think the $ really means much.

Weird Windows integrated authentication problem between Web serviceand SQL Server	0	Feb 12, 2008
Windows Authentication to SQL Server?	6	Sep 9, 2009
How to store data from a sign up form on a website into an sql databse	1	Sep 9, 2022
Windows authentication from ASP.NET to SQL Server	2	Aug 9, 2005
Windows Authentication problems	0	Mar 2, 2009
Windows authentication from ASP.NET to SQL Server	8	Aug 8, 2005
Windows Authentication with ASP.Net and SQL Server	2	Sep 11, 2005
Prob: Connecting to MSSQL using windows authentication	7	Apr 20, 2009

IIS and SQL Server 2000 Windows Authentication

John Barr

Bob Barrows [MVP]

Anthony Jones

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads