Login failure with windows authentication

4 posts, 0 answers
  1. Craig
    Craig avatar
    112 posts
    Member since:
    Nov 2011

    Posted 02 Dec 2011 Link to this post

    I have deployed an ASP.NET MVC 3 application to an IIS 6 server (ASP.NET 4 and ASP.NET MVC 3 installed). The application uses Open Access ORM Q3 2011. The IIS application pool is set to use a specific windows account, the IIS application directory security is configured to use Windows Authentication (anonymous connections are not allowed) and the SQL Server connection string contains 'integrated security=True'.

    When I start the application I get an error recorded in the Windows application event log 'SQLException ... Login failed for user domainname\machinename$ at Telerik.OpenAccess.RT.Adonet2Generic.Impl.DBDriver.connect (Connectionstring .......'.

    I've redistributed the following Open Access assemblies with my application:

    Please can you explain why it is trying to use machinename$ as the account name and not my account name or the application pool account?

  2. Craig
    Craig avatar
    112 posts
    Member since:
    Nov 2011

    Posted 04 Dec 2011 Link to this post

    I think this is an IIS 6 configuration issue i.e. I hadn't completely configured it. I've now changed the application pool identity to Local System and I have changed the web.config Authentication entry to Windows with impersonation. Most of the SQL connections are now using the logged on user account except for one.

    Can any one suggest why it does not always use impersonation and uses the domainname/machinename$ account?

  3. DevCraft banner
  4. Craig
    Craig avatar
    112 posts
    Member since:
    Nov 2011

    Posted 05 Dec 2011 Link to this post

    Hello again,
    I've been looking into this in more detail. I've removed the login associated with the machine and I ran a SQL Profiler trace. The currently logged on user's account is the only account used to execute the SQL queries.

    If there is a login\database user with permissions associated with the machine name (Network Service ?) a random set of the SQL queries are invoked under this account.

    Why does this occur?

  5. Ralph Waldenmaier
    Ralph Waldenmaier avatar
    202 posts

    Posted 06 Dec 2011 Link to this post

    Hi Craig,

    I'm glad that your system is now working. To figure out, what is causing the connections with the login\database user, I'd suggest you to check if you can see some correlation between the statements executed from the user and your code base. Are there some code parts where you are not working with impersonation? Maybe executing code before using an impersonated connection?

    Usually Telerik OpenAccess ORM does not generate any 'hidden' connections. Since we don't know how the underlying driver behaves with impersonation, it is hard to give you an advice here. Possible causes could be that connections are opened in a background thread and the thread was obtained through the IIS. The impersonation information could be lost.

    I hope this information is helpful for you.

    the Telerik team
    Want to use Telerik OpenAccess with SQL Azure? Download the trial version today. 
Back to Top