"NT Authority\Network Service" in Global.asax

Discussion in 'ASP .Net' started by =?Utf-8?B?QWxleCBNYWdoZW4=?=, May 22, 2004.

  1. This is weird

    On my WinXP development box, database calls made from within my GLOBAL.ASAX go to SQLServer as user "ASPNET" even though I have impersonation turned on in my web.config. That's fine

    Now, when I move the whole application over to my Windows 2003 Server box, during the GLOBAL.ASAX calls to SQLServer, I get "Login failed for NT AUTHORITY\NETWORK SERVICE." I don't understand this. "NT AUTHORITY\NETWORK SERVICE" isn't even a user in the user-list on the Windows2003 server

    What is this and can you help

    Ale
    =?Utf-8?B?QWxleCBNYWdoZW4=?=, May 22, 2004
    #1
    1. Advertising

  2. =?Utf-8?B?QWxleCBNYWdoZW4=?=

    DalePres Guest

    To overcome a similar issue in a recent project I had to, surprisingly, turn
    ON anonymous access. In my case, I was calling a stored procedure from a
    webservice that had been called by an ASP.Net page. In the ASP.Net page, I
    had impersonation turned on and had to turn anonymous access off for the
    webservice to get the correct identity. The strange thing was that, in the
    production IIS 5.0, SQL Server, on a different machine altogether started
    returning the error you describe. Only when I turned anonymous access on
    did it work correctly.

    So, the point is...Play with anonymous access but it may not always work
    consistently between IIS 5.1 and IIS 5.0.

    Dale


    "Alex Maghen" <> wrote in message
    news:D...
    > This is weird!
    >
    > On my WinXP development box, database calls made from within my

    GLOBAL.ASAX go to SQLServer as user "ASPNET" even though I have
    impersonation turned on in my web.config. That's fine.
    >
    > Now, when I move the whole application over to my Windows 2003 Server box,

    during the GLOBAL.ASAX calls to SQLServer, I get "Login failed for NT
    AUTHORITY\NETWORK SERVICE." I don't understand this. "NT AUTHORITY\NETWORK
    SERVICE" isn't even a user in the user-list on the Windows2003 server.
    >
    > What is this and can you help?
    >
    > Alex
    >
    DalePres, May 23, 2004
    #2
    1. Advertising

  3. I'm not sure I get this. DO you mean that I should play with the access settings in IIS's security property page? Or do you mean the "Impersonation" section in Web.Config? In any case, this isn't really an option in this area anyway: I'll have to eventually set the access privilages the way I need 'em, right

    Doesn't anyone know exactly what this error means

    Thanks

    Ale

    ----- DalePres wrote: ----

    To overcome a similar issue in a recent project I had to, surprisingly, tur
    ON anonymous access. In my case, I was calling a stored procedure from
    webservice that had been called by an ASP.Net page. In the ASP.Net page,
    had impersonation turned on and had to turn anonymous access off for th
    webservice to get the correct identity. The strange thing was that, in th
    production IIS 5.0, SQL Server, on a different machine altogether starte
    returning the error you describe. Only when I turned anonymous access o
    did it work correctly

    So, the point is...Play with anonymous access but it may not always wor
    consistently between IIS 5.1 and IIS 5.0

    Dal


    "Alex Maghen" <> wrote in messag
    news:D..
    > This is weird
    >> On my WinXP development box, database calls made from within m

    GLOBAL.ASAX go to SQLServer as user "ASPNET" even though I hav
    impersonation turned on in my web.config. That's fine
    >> Now, when I move the whole application over to my Windows 2003 Server box

    during the GLOBAL.ASAX calls to SQLServer, I get "Login failed for N
    AUTHORITY\NETWORK SERVICE." I don't understand this. "NT AUTHORITY\NETWOR
    SERVICE" isn't even a user in the user-list on the Windows2003 server
    >> What is this and can you help
    >> Ale

    >
    =?Utf-8?B?QWxleCBNYWdoZW4=?=, May 23, 2004
    #3
  4. =?Utf-8?B?QWxleCBNYWdoZW4=?=

    clintonG Guest

    NT AUTHORITY is a specific type of user account that runs in
    the context of an Application Pool. There is an interesting article
    [2] that discusses the use of Integrated Security when MS-SQL
    is or is not on the same machine as IIS.

    Since I've recently had this same introduction to NT AUTHORITY
    which I previously knew nothing about I decided to try to use that
    Google thingy where I am now starting to get an understanding of
    the circumstances. Hint Hint ;-)

    --
    <%= Clinton Gallagher
    A/E/C Consulting, Web Design, e-Commerce Software Development
    Wauwatosa, Milwaukee County, Wisconsin USA
    NET csgallagher@ REMOVETHISTEXT metromilwaukee.com
    URL http://www.metromilwaukee.com/clintongallagher/

    [1]
    http://msdn.microsoft.com/library/d...-us/iissdk/iis/ref_mb_apppoolidentitytype.asp
    [2]
    http://www.winnetmag.com/SQLServer/Forums/messageview.cfm?catid=1667&threadid=119443



    "Alex Maghen" <> wrote in message
    news:...
    > I'm not sure I get this. DO you mean that I should play with the

    access settings in IIS's security property page? Or do you mean the
    "Impersonation" section in Web.Config? In any case, this isn't really an
    option in this area anyway: I'll have to eventually set the access
    privilages the way I need 'em, right?
    >
    > Doesn't anyone know exactly what this error means?
    >
    > Thanks.
    >
    > Alex
    >
    > ----- DalePres wrote: -----
    >
    > To overcome a similar issue in a recent project I had to,

    surprisingly, turn
    > ON anonymous access. In my case, I was calling a stored

    procedure from a
    > webservice that had been called by an ASP.Net page. In the

    ASP.Net page, I
    > had impersonation turned on and had to turn anonymous access off

    for the
    > webservice to get the correct identity. The strange thing was

    that, in the
    > production IIS 5.0, SQL Server, on a different machine altogether

    started
    > returning the error you describe. Only when I turned anonymous

    access on
    > did it work correctly.
    >
    > So, the point is...Play with anonymous access but it may not

    always work
    > consistently between IIS 5.1 and IIS 5.0.
    >
    > Dale
    >
    >
    > "Alex Maghen" <> wrote in message
    > news:D...
    > > This is weird!
    > >> On my WinXP development box, database calls made from within

    my
    > GLOBAL.ASAX go to SQLServer as user "ASPNET" even though I have
    > impersonation turned on in my web.config. That's fine.
    > >> Now, when I move the whole application over to my Windows 2003

    Server box,
    > during the GLOBAL.ASAX calls to SQLServer, I get "Login failed

    for NT
    > AUTHORITY\NETWORK SERVICE." I don't understand this. "NT

    AUTHORITY\NETWORK
    > SERVICE" isn't even a user in the user-list on the Windows2003

    server.
    > >> What is this and can you help?
    > >> Alex

    > >
    clintonG, May 23, 2004
    #4
  5. =?Utf-8?B?QWxleCBNYWdoZW4=?=

    Eric Marvets Guest

    Its probablly because the event from your global.asax does not have a user
    to impersonate. If that's the issue, then you are impersonating the user
    that visits the site instead of a single user you set up in a config file,
    correct?

    Some events that fire in ASP.NET are fired by the ASP.NET process, not a
    user visiting the site. Let me know if that is the case. I'm still not up
    to speed on all of the Win2k3 process stuff like i am on 2000, but I need to
    learn it quick and don;t mind doing it :)


    --
    Eric Marvets
    Principal Consultant

    the bang project

    <shameless self promotion>

    Email for Information on Our
    Architecture and Mentoring Services

    </shameless self promotion>
    Eric Marvets, May 25, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. ecoder
    Replies:
    0
    Views:
    1,418
    ecoder
    Jul 8, 2003
  2. Ibrahim Mohamed El-Ganady

    Login failed for user 'NT AUTHORITY\NETWORK SERVICE'

    Ibrahim Mohamed El-Ganady, Jan 6, 2004, in forum: ASP .Net
    Replies:
    1
    Views:
    14,371
    Stefán Jökull Sigurðarson
    Jan 6, 2004
  3. Martin
    Replies:
    5
    Views:
    5,371
    Martin
    Aug 20, 2004
  4. =?Utf-8?B?YmNoYXJsZXM=?=

    global.asax and global.asax.cs

    =?Utf-8?B?YmNoYXJsZXM=?=, Oct 4, 2004, in forum: ASP .Net
    Replies:
    5
    Views:
    798
    =?Utf-8?B?YmNoYXJsZXM=?=
    Oct 5, 2004
  5. Mark Rae

    Global.asax / Global.asax.cs in v2

    Mark Rae, May 23, 2006, in forum: ASP .Net
    Replies:
    6
    Views:
    3,137
    Mark Rae
    May 23, 2006
Loading...

Share This Page