Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'

  • Thread starter Srinivas Chintakindi
  • Start date
S

Srinivas Chintakindi

Hi All,

I am developing one ASP.NET 2.0 application in which user test the remote
sql server existance. User enters remote sql server name, data base name,
authentication mode, user name, password. I am making the connection string
based on the authentication mode. If it is integrated authentication my
connection string would be as below.

try
{
string s = txtserver.Text;
string d = txtdatabase.Text;
System.Data.SqlClient.SqlConnection conn = new
System.Data.SqlClient.SqlConnection();
string constr = "Data Source=" + s + ";Initial Catalog=" + d +
";Integrated Security=SSPI";
conn.ConnectionString = constr;
conn.Open();
if (conn.State == ConnectionState.Open)
{
Response.Write("success");
}
conn.Close();
}
catch (Exception ex)
{
Response.Write(ex.Message + "<br>");
}

This code is working fine if the portal is accessed using
http://localhost/... but it is failing when the portal is accessed using
http://host_name/.... and tries to test the remote sql server connection. I
enabled impersonation also in web.config file as below

<authentication mode="Windows"/>
<identity impersonate="true"/>

When user is accessing the portal from remote machine http://host_name/ and
trying to test the remote sql server the above code is failing and giving
the error as Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. My web
site is configured to use Integrated windows authentication. I searched the
web for this problem but nothing is worked for me. I am surprising why the
requested user credentials are not passing

Please help me to solve this problem as this very important for me.

Thanks in advance.

Srinivas Ch
 
J

Jay Pondy

To do this with Windows 2000 machines you must have Kerberos security set up.

You are doing a double-hop.

You need to enable security account delegation on the IIS machine. This Windows
2000 feature lets the client connect to multiple servers and pass the
authentication credentials of the original client to each of the servers. You
can use the Active Directory Users and Computers administration tool to check
the Computer is trusted for delegation.

Plenty of links out there about how to do it.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top