This is a migrated thread and some comments may be shown as answers.

Login failure with windows authentication

3 Answers 407 Views
Data Access Free Edition
This is a migrated thread and some comments may be shown as answers.
This question is locked. New answers and comments are not allowed.
Craig
Top achievements
Rank 1
Craig asked on 02 Dec 2011, 02:57 PM
Hi,
I have deployed an ASP.NET MVC 3 application to an IIS 6 server (ASP.NET 4 and ASP.NET MVC 3 installed). The application uses Open Access ORM Q3 2011. The IIS application pool is set to use a specific windows account, the IIS application directory security is configured to use Windows Authentication (anonymous connections are not allowed) and the SQL Server connection string contains 'integrated security=True'.

When I start the application I get an error recorded in the Windows application event log 'SQLException ... Login failed for user domainname\machinename$ at Telerik.OpenAccess.RT.Adonet2Generic.Impl.DBDriver.connect (Connectionstring .......'.

I've redistributed the following Open Access assemblies with my application:
Telerik.OpenAccess.dll
Telerik.OpenAccess.35.Extensions.dll
Telerik.OpenAccess.40.Extensions.dll
Telerik.OpenAccess.Config.dll
Telerik.OpenAccess.Runtime.dll
Telerik.OpenAccess.Web.dll
Telerik.OpenAccess.Windows.dll


Please can you explain why it is trying to use machinename$ as the account name and not my account name or the application pool account?

Thanks
Craig

3 Answers, 1 is accepted

Sort by
0
Craig
Top achievements
Rank 1
answered on 04 Dec 2011, 06:40 PM
I think this is an IIS 6 configuration issue i.e. I hadn't completely configured it. I've now changed the application pool identity to Local System and I have changed the web.config Authentication entry to Windows with impersonation. Most of the SQL connections are now using the logged on user account except for one.

Can any one suggest why it does not always use impersonation and uses the domainname/machinename$ account?

Craig 
0
Craig
Top achievements
Rank 1
answered on 05 Dec 2011, 02:30 PM
Hello again,
I've been looking into this in more detail. I've removed the login associated with the machine and I ran a SQL Profiler trace. The currently logged on user's account is the only account used to execute the SQL queries.

If there is a login\database user with permissions associated with the machine name (Network Service ?) a random set of the SQL queries are invoked under this account.

Why does this occur?

Regards
Craig
0
Ralph Waldenmaier
Telerik team
answered on 06 Dec 2011, 11:42 AM
Hi Craig,

I'm glad that your system is now working. To figure out, what is causing the connections with the login\database user, I'd suggest you to check if you can see some correlation between the statements executed from the user and your code base. Are there some code parts where you are not working with impersonation? Maybe executing code before using an impersonated connection?

Usually Telerik OpenAccess ORM does not generate any 'hidden' connections. Since we don't know how the underlying driver behaves with impersonation, it is hard to give you an advice here. Possible causes could be that connections are opened in a background thread and the thread was obtained through the IIS. The impersonation information could be lost.

I hope this information is helpful for you.

Greetings,
Ralph
the Telerik team
Want to use Telerik OpenAccess with SQL Azure? Download the trial version today. 
Tags
Data Access Free Edition
Asked by
Craig
Top achievements
Rank 1
Answers by
Craig
Top achievements
Rank 1
Ralph Waldenmaier
Telerik team
Share this question
or