Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection

Discussion in 'ASP .Net Security' started by Waldy, Mar 25, 2008.

  1. Waldy

    Waldy Guest

    Hi there,
    I don't know if this is an IIS or SQL Server issue. I have an
    ASP.Net web application that is set up with Anonymous access turned off and
    Windows Authentication turned on. The SQL 2000 server (on another machine)
    is set up for Windows only authentication. The application won't logon to
    SQL Server, as I get the error above. I have searched for this error and
    most of the articles suggest activating mixed mode authentication. This is
    at a customer site however, and they want the server left as it is. How do
    I make it work as intended.
     
    Waldy, Mar 25, 2008
    #1
    1. Advertising

  2. Hello,

    since you have three machines involved in this scenario (client machine, web
    server, sql server) you most likely don't have kerberos configured, which is
    required for this scenario (delegation of account tokens). Search for
    "double-hop problem" and you'll find plenty of resources on this.

    If you want integrated authentication on the client side, you need kerberos.
    If you can live with people entering their credentials you could switch to
    basic authentication and authenticate to the sql server with those
    credentials. You should only do this if you have SSL enabled, otherwise the
    credentials would be transferred in clear-text over the network.

    Third option: Use integrated authentication from the client to the webserver
    and use the service account of the IIS (AppPool user under Windows 2003+) to
    authenticate to the SQL server.

    Kind regards,
    Henning Krause


    "Waldy" <> wrote in message
    news:%...
    > Hi there,
    > I don't know if this is an IIS or SQL Server issue. I have
    > an ASP.Net web application that is set up with Anonymous access turned off
    > and Windows Authentication turned on. The SQL 2000 server (on another
    > machine) is set up for Windows only authentication. The application won't
    > logon to SQL Server, as I get the error above. I have searched for this
    > error and most of the articles suggest activating mixed mode
    > authentication. This is at a customer site however, and they want the
    > server left as it is. How do I make it work as intended.
    >
     
    Henning Krause [MVP - Exchange], Mar 25, 2008
    #2
    1. Advertising

  3. Waldy

    Waldy Guest

    Hi Henning,
    there is already a .ASP application on the web server that
    is working fine. It is only the ASP.Net application that has this problem.
     
    Waldy, Mar 25, 2008
    #3
  4. Hello Waldy,

    are the Impersonation settings equal on both asp.net applicaitons?

    Kind regards,
    Henning Krause

    "Waldy" <> wrote in message
    news:...
    > Hi Henning,
    > there is already a .ASP application on the web server
    > that is working fine. It is only the ASP.Net application that has this
    > problem.
    >
    >
     
    Henning Krause [MVP - Exchange], Mar 25, 2008
    #4
  5. Waldy

    Waldy Guest

    "Henning Krause [MVP - Exchange]" <>
    wrote in message news:...
    > Hello Waldy,
    >
    > are the Impersonation settings equal on both asp.net applicaitons?


    Hi Henning,
    there is only one ASP.Net app, the other one is classic
    ..ASP and that works fine. Where are the Impersonation settings? If you are
    talking about the IIS Web Site Properties / Directory Security /
    Authentication Methods dialog, then yes, the settings are exactly the same.
     
    Waldy, Mar 26, 2008
    #5
  6. Hi Waldy,

    take a look at the web.config of the ASP.NET application.

    There should be a tag named <identity>. Check if it is set to
    <identity impersonate="true" />

    if it's not there or impersonate="false", then impersonation is disabled.

    Kind regards,
    Henning Krause

    "Waldy" <> wrote in message
    news:%...
    > "Henning Krause [MVP - Exchange]" <>
    > wrote in message news:...
    >> Hello Waldy,
    >>
    >> are the Impersonation settings equal on both asp.net applicaitons?

    >
    > Hi Henning,
    > there is only one ASP.Net app, the other one is classic
    > .ASP and that works fine. Where are the Impersonation settings? If you
    > are talking about the IIS Web Site Properties / Directory Security /
    > Authentication Methods dialog, then yes, the settings are exactly the
    > same.
    >
     
    Henning Krause [MVP - Exchange], Mar 26, 2008
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.

Share This Page