I need to use data base locally. I have created database in (LocalDB)\v11.0 Server with Visual Studio 2012. Everything is ok when connecting from e.g. console application. But my application is Windows Service. trying to connect to my data base outputs with:
"... The login failed.Login failed for user 'NT AUTHORITY\SYSTEM"
Is there any solution for this? Maybe I should think of setting up other db server for it? If yes, how to set up it so that it would be visible only locally?
So i found out solution myself, how to connect instance of (localdb) from Windows Service which runs as Local System:
I used this articles:
http://technet.microsoft.com/pl-pl/library/hh212961.aspx
http://dba.fyicenter.com/faq/sql_server_2/Verifying_a_Login_Name_with_SQLCMD_Tool.html
http://social.technet.microsoft.com/wiki/contents/articles/4609.troubleshoot-sql-server-2012-express-localdb.aspx
So i shared my localdb (as in 1st article) the problem was I couldn't connect with sqlcmd named pipe np://. I found anwer in 3rd article:
When using sqlcmd, ensure that you are using the SQL Server 2012
version (found in %Program Files%\Microsoft SQL
Server\110\Tools\Binn). If you have previous versions of sqlcmd
installed, calling sqlcmd alone from the command line will most likely
use the old version (which isn't localdb-aware) since the older path
appears first in your PATH environment variable. It may be a good
idea, in general, to manually adjust your PATH environment variable so
that the 110 versions are picked up first.
This small information in fact was crucial;)
so i created user: user with password: pass321!#.
In my windows service my Sql connectionString looks:
"Data Source=(localdb)\\.\\MyInstanceShared;Integrated Security=false;User Id=user;Password=pass321!#"
Integrated security set to false value is also important.
Maybe it will help somebody.
Probably your connection string is using the current Windows User account (the account that runs the service could be the one seen on the error) to connect to the database (and that user account does not have access).
What I would do is that I would change the database to allow "mixed authentication" (this means SQL users and Windows users too) and then I would create a new user, assign that user the required permissions to work with your app and then use that userName and password in the connection string from your windows service.
You could also leave the DB as it is and add user "System" from Windows and then assign the required permissions to it. You can just add "dbo" profile to a user to make it work fast (but check security later before releasing your product).
I think that you need to allow remote connection to your SqlServer.
In the Sql Server configuration manager, under SQL Network Configuration, chose your server and check that TCP/IP is enabled.
In my case, doublic click on TCP/IP, go to the bottom "IPAll" and set dynamic ports empty and TCP Port to 1433.
Let me know if it's enough.
Related
I have a console application that also runs as a windows service (see: .NET console application as Windows service)
It runs a stored proc that works on my local db, however over the network it only works as a console app, the service gives "SqlException (0x80131904):Cannot find the object or you don't have permission".
The user account has db owner permissions.
The very first thing the SP does is disable a trigger on a table, that it now says either does not exist or I don't have permission to access.
I am new to windows services, is there something I am missing? Do they work differently in this regard?
Its a sqlserver 2012 instance on another devs machine over the local network.
Connection string:
<add name="XYZ_ConnectionString" connectionString="Data Source=PCNAME\sql2012;Initial Catalog=DB_Name;Integrated Security=SSPI;" providerName="System.Data.SqlClient"/>
EDIT: I have noticed that an earlier part of the service that does a select on a table from the DB is working correctly, which suggests the connection is working?
Thanks
If the select query is running correctly that seems to be a permission issue on SQL Server on the user excuting the operations.
Given that you are removing a trigger that does requires a different set of permissions that the ones needed to execute a select statement. I would suggest that you make sure the running user is getting proper access to the services, I would use SQL Server Profiler to log all the query and events to the database right after I run the application. In there I would see the queries that are failing and have a better picture of the root of the error.
You're using Windows Authentication (the part of your connection string that reads Integrated Security=SSPI;) so when you run it as a console app it is using your logged in Windows ID to authenticate.
SQL Servers can be configured to use Windows Authentication or "Mixed Mode", which supports a textual username and password (details). Note that the default is to only use Windows Authentication.
If you are able to add Mixed Mode auth to the SQL Server (or it's already enabled) then get the database admin to create a new user and replace the Integrated Security=SSPI; part of your connection string with something like this:
;User ID=*****;Password=*****;
If you are not able to use Mixed Mode auth at the SQL Server (some DBAs are reticent to do this) then you need to configure your Windows Service to start with a Windows Domain account - note that it must be a Domain account, rather than a local Windows account on your PC, because the SQL Server needs to get to a domain controller to authenticate the credentials.
Info on configuring the service's credentials can be found here, but it's little more complex than opening the service in the service manager window, going to the "Logon" tab, and selecting the account that the service should run as.
I've just start working on an ASP.NET Web Application in Visual Studio 2015 and SQL Server 2014. Somewhere, I need to connect to my local database and I use this:
ConnStr = "Data Source=(localdb)\\MSSQLLocalDB;Initial Catalog=my_db;Integrated Security=True";
It works fine when I run the application through VS in my browser. I can access the db and do whatever I want to do. But, when I publish my application in IIS Web Server, and then I open it in browser, it still works OK until I have to access the db. At that moment it throws SqlException:
System.Data.SqlClient.SqlException: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. .
Maybe it is a server name problem and I should use an IP and a Port instead of that name, but I'm not sure because I don't have experience on this.
You are correct: You should use server name and/or IP in your connection string.
Using something like "local" or "localhost" means that your code is not portable. Another option would be to store your connection strings in two separate config files - one for your local copy (for development and troubleshooting) and one for your server (for portability). I have two config files in my solutions:
Web.config
WebServer.config
Then, when I deploy to the server, I just delete Web.config and rename WebServer.config to Web.config. It's totally portable and you'll never have connection string troubles again!
Also noteworthy: you're not including credentials in your connection string, which means that you're using windows authentication when connecting to SQL server. When debugging through visual studio, the application will run as you - and if you have the needed permissions, it will work. However, when running in IIS, it won't be running as you (at least, it SHOULDN'T be) - so you could run into issues there, as well.
EDIT
This link might be useful for you: https://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlconnection.connectionstring.aspx
Your connection string should look like this:
Data Source=192.168.1.10,1433;Initial Catalog=YourDatabaseName;User ID=SqlUserName;Password=SqlPassword;Connection Timeout=60; Max Pool Size=3000;
(you can set max pool size and connection timeout to whatever you want - or omit them entirely.
Also, regarding your windows issues - you need to make sure that the windows account IIS is using has permissions to traverse your network and reach your SQL Server instance. That said, I suggest that you use a SQL account instead of windows authentication.
Since you are using integrated security in connection string you will have to modify the Identity of App pool under which your application is running.
The Identity will be your windows username and password.
To change the username and password you need to go the advance settings of the app pool and process model you can see identity where you can add your windows credentials
Hope this helps
There are two problems in you connection string:
"Integrated Security" means you are using the native windows system for authentication. Similar to opening SSMS on the database using your Windows password. IIS is now trying to connect to the database, and connection string is telling to use the process that IIS is running under.
You can create a non-windows user in SQL Server and put the credentials into the connection string. Or you can grant the IIS user DB privileges. Or you can a lot different things here, but theses are the easiest to get you moving.
THe second problem in the connection string is the data source. Is there SQL Server on you local machine? If so that's why it's not working. Try to run your app in VS but against the remote SQL Server. That should be your next step.
The problem was that I thought that SQL Server was installed automatically with VS or at least with SQL Server Management Studio. BUT NO. So, as far as I understand, till know I have not worked with a real SQL Server. When I checked SQL Server Configuration Manager there were nothing running at SQL Server Services and so I realized that I was missing something.
Then, I installed SQL Server Express and build my db there. Now it is working fine even when I publish it. The connection string is
Data Source=.\\SQLEXPRESS;Initial Catalog=my_db;User ID=username;Password=pass
It can also be:
Data Source=localhost\\SQLEXPRESS;Initial Catalog=my_db;User ID=username;Password=pass
I know this is an often asked question, but I'm still receiving this error and I have tried:
Using localhost, the IP address and the instance name in the
connection string
Changing the SQL Server Configuration Manager so
Named Pipes and TCP are both enabled Ensured the database is set to
allow remote connections
Opened 1433 & 1434 for UDP & TCP in Windows Firewall, in fact I
tried turning off the firewall for a moment to see if it would
connect
Ensured the browser & the MSSQLSERVER service are both up and
running using NETWORK SERVICE
Now for some oddness. The SQL Server instance and the IIS running the website are on the same machine.
If I open a browser and browse to the website I get the error. If I open a browser on my local machine and browse to the website I get the error. If I change the connection string in my development PC to the IP address of the remote server running SQL server and debug the application it connects and runs without error!
I am totally at a loss now as to what could be the error.
This is SQL Server 2008 RC2.
I'm on the verge of giving up - I very much appreciate the efforts you guys have made, I have tried all the suggestions here and I am coming to the conclusion that something must have gone awry in the set-up of the server, the website or the database. Just to reiterate if you remote desktop onto the server and connect to the website using http://gdservers you can login and it all works fine, if you use http://gdservers.<domain>.co.uk the login fails. The error in the event log is a membership credentials failure, not blocked by firewall or anything like that. If there's any other suggestions I'd love to hear them, thanks again.
If your web app intends to use SQL Server Authentication with a SQL login/password then make sure that your connection string explicitly states Integrated Security=False. Otherwise your connection may default to Windows Authentication and not behave as expected.
Edit
Also, be sure that the connection string you're tweaking is the one that is actually being used to make the connection. Sometimes things can get confusing when an application has multiple components that may have their own configuration settings. For example, the problem in the thread here turned out to be:
I was updating the connection string on the web.config but, it's a multitier application, the data access component is in a separate .dll and has its own connection string.
Edit
I'm beginning to wonder if the SQL Membership Provider is using Windows Authentication to connect to the SQL Server even if your data connections aren't. Check out the video here and perhaps review your settings (especially the authentication setting in the provider setup steps).
I don't think anyone spotted it and I only spotted it on Wednesday and then realised I'd made another error. If someone has mentioned it above let me know and I'll change the award and give them the points.
The applicationName was missing from the membership provider. I spotted it on Wednesday and added one in, what I didn't realise I'd done is made a spelling mistake when adding the applicationName in, so when I did this, it didn't fix it, so I thought it wasn't the problem.
Yesterday whilst reviewing the code I noticed I spelt the applicationName 'GSServers' instead of 'GDServers' when I changed it, it all started working.
Not a very satisfactory conclusion and I apologise.
Thank you to everyone who tried to solve this problem and sticking with it.
As I said if someone did mention this in an answer or comment somewhere let me know and they can have the points.
Stupid question but, have you checked the credentials of the login? I'm still very much a noob in this area but I found out thru backing up and restoring a database (at least in MS SQL Server) that the restored user login doesn't work.
I've had to delete the user from the database and add it back in, then everything works fine. Could it be you are accessing a different version of the database on the non-working machine?
How are you indicating the Data Source/server name in your connection string? I've encountered situations where there was a hosts file on the server redirecting elsewhere, or the server was indicated by a domain name which resolved to the external IP address of the server, or other similar oddness.
Also, if you have SQL Serve installed on the server, do you also have Management Studio installed there? It's the quickest way to rule out code or permission errors, just trying variations through Management Studio until you find login details that work (or know that none do).
Usually the easiest and most secure way is using integrated security:
<connectionStrings>
<add name="HitCounterContext"
connectionString="Data Source=(local)\SQLEXPRESS;Initial Catalog=db;Integrated Security=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
Make sure you use the correct instance name, which per default is "SQLExpress". I don't know how IDEs work with that, but using this connection string with IIS should at least connect successfully (which is not equal to authentication).
Maybe the authentication fails because your database must have a user for the app pool account. If you disable custom errors in your web.config so you get .net error messages, the error message should tell you that the authentication failed for the app pool user (the message actually tells you which user is used). For instance: If you create a new website called "yoursite.com" using IIS 7, per default it creates a new app pool with the name "yoursite.com". With that you'll have to add a user to the database for IIS APPPOOL/yoursite.com (might not be in the users list) and let it be the db_owner for testing.
Add the user for the app pool using "SQL Server Management Studio" like that (sorry it's german. This actually is the form after the user was added, but it should look the same while adding):
After that, your users list should look like
and the servers login list like
where each app pool has its own login for the server and user for the respective database.
By the way: Connecting from the Management Studio works just the same like from your asp.net app, except that you normally use your current user with SMS:
So, if this works, the connection from your app should do as well. The rest relies on the user for the app pool.
The fact that it's trying to login as sa locally suggests you're not using the connection string in your code; I don't think it's a SQL server problem, but an app problem.
In your app, make sure you're actually using the value of the connection string. Don't use the default constructor. E.g.
using(SqlConnection conn = new SqlConnection(WebConfigurationManager.ConnectionStrings["myconnectionstring"].ConnectionString)){ /* .. code */ }
not
using(SqlConnection conn = new SqlConnection()){ /* .. code .. */ }
If I change the connection string in my development PC to the IP address of the remote server running SQL server and debug the application it connects and runs without error!
It's possible you're dev box has been added an authenticated login, and it's automagically "working".
Comment: Using SSPI with a windows user account is preferable from a security perspective.
Answer:
Port 1433 is used for SSL by the default (unnamed) instance.
Ensure that your named instance has an SSL port properly assigned:
http://blogs.msdn.com/b/sqlexpress/archive/2005/05/05/415084.aspx
Try these connect strings (note that they don't use 'localhost' - which is case sensitive, I believe):
'Provider=SQLOLEDB;Data Source=COMPUTERNAME\SQLEXPRESS;Initial Catalog=Test;User ID=COMPUTERNAME\USERNAME; Password=PASSWORD;Integrated Security=False'
'Provider=SQLOLEDB;Data Source=.\SQLEXPRESS;Initial Catalog=Test;User ID=COMPUTERNAME\USERNAME; Password=PASSWORD;Integrated Security=False'
'Provider=SQLOLEDB;Data Source=.\SQLEXPRESS;Initial Catalog=Test;User ID=COMPUTERNAME\USERNAME; Password=PASSWORD;Integrated Security=SSPI'
ADDITIONAL EDIT:
Whenever client is run on same machine as SQL Server, the error occurs. When client is run from dev machine, no error. You may be failing to resolve the machine name because DNS does not support any of the names.
Suggestion: Connect using localhost. Ensure you can ping localhost and/or telnet localhost 1433. Ensure your hosts file (e.g. C:\Windows\System32\drivers\etc\hosts) has entry:
127.0.0.1 localhost
Alternatively, use: (local)\INSTANCENAME
Run SQLCMD –L to list installations (confirming correct browser operation).
Ensure you don't have older versions of the management tools ensured on the same server. E.g. 2008 & 2005 tools cannot coexist - but 2008 tools are backwards compatible, so you can delete both and just cleanly install 2008.
I've just finished my c# application with sql database built in 2008 r2 version
I wanted to share this database over LAN and my connection string is :
ConnectionString = #"Data Source=192.168.0.1,1433\SQLEXPRESS;user id=Rula; password=marojo;AttachDbFilename=\\192.168.0.1\Release\WEPA.mdf;Connection Timeout=30;Integrated Security=SSPI;user instance=true";
where 192.168.0.1 is the IP of the computer hosting the sqlexpress instance
when I connect to database locally from the hosting computer I get no errors, but when I try to connect to the database from the shared application I get the following error:
User doesn't have permission to perform this action.
while I mapped the GUEST user to my database on the hosting machine since I knew that if a computer try to connect to database remotly, it connect as guest.
notice: I have my application and database shared over network in the same folder, and again locally everything is ok
Please what can I do to solve this problem ????
thanks in advance =-)
If the 2 machines are not on the same domain this will fail. You might want to use sql logins
The guest account would not be used in an trusted connection. The integrated connection uses the user account attached to the process using the connection string.
http://forums.asp.net/t/822604.aspx/1
If you wanted to use integrated security, the web server would need to be configured to digest logins and then you would need to grant access to all (potential) authenticated users access to the database. This is typically not done due to the unnecessary complexity you are adding to the process. Just use sql links like Ali stated and be done with it.
Okay, I see a couple things that are wrong in your connection string.
Namely, you have defined a user id and password... then you go on to set the Integrated Security flag. These are mutually exclusive. Either it connects as the same user that the app is executing under (most likely the app pool user account) OR it connects as the user defined in your connection string.
The reason you see a difference between 7 and XP is simply that one is defaulting to using the user id / password, the other is defaulting to using integrated security.
I suggest that you visit http://www.connectionstrings.com/ in order to build a proper connection string.
Update:
Other things I see. First, AttachDbFilename can only work with integrated security. Obviously that isn't a possibility, so you need to get rid of that parameter and configure sqlexpress directly on the server to target that database file.
Second, User Instance is for desktop deployments.. not servers. Get rid of it as well because it's going to be a huge memory hog.
Third, read this: http://msdn.microsoft.com/en-us/library/ms247257(v=VS.100).aspx
There are quite a few reasons this could be happening:
SQL Browser service not turned on
Connection string using a trusted connection and you are not set up as that user (check what user your code is using by getting User from the current context)
You do not have the same protocols set up on the client (less likely)
Since it is a permissions issue, you will most likely have to set up your windows domain account in the database to use it. If that is not an option for the application users, then you may desire to move to a sql account rather than windows accounts.
problem solved !!
there was just attaching problem when the database is attached to sql server management studio it's attached as an old name or related to the computer it's copied from
Thank you everyone for your effort : )
I have a Windows domain within which a machine is running SQL Server 2005 and which is configured to support only Windows authentication. I would like to run a C# client application on a machine on the same network, but which is NOT on the domain, and access a database on the SQL Server 2005 instance.
I thought that it would be a simple matter of doing something like this:
string connectionString = "Data Source=server;Initial Catalog=database;User Id=domain\user;Password=password";
SqlConnection connection = new SqlConnection(connectionString);
connection.Open();
However, this fails: the client-side error is:
System.Data.SqlClient.SqlException: Login failed for user 'domain\user'
and the server-side error is: Error 18456, Severity 14, State 5
I have tried various things including setting integrated security to true and false, and \ instead of \ in the User Id, but without success.
In general, I know that it possible to connect to the SQL Server 2005 instance from a non-domain machine (for example, I am working with a Linux-based application which happily does this), but I don't seem to be able to work out how to do it from a Windows machine.
With Management Studio when connecting to a server on another domain via Windows Authentication you need to use the "runas" Facility when starting the application.
runas /user:OTHERDOMAIN\OTHERUSERNAME /netonly
"C:\Program Files\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe"
Maybe you could try an analogous thing when starting your application?
(Per Martin Smith's answer) I use RUNAS /NETONLY all the time to run SSMS and the BI dev studio and Visual Studio IDE and other 3rd party applications against a server on a domain we do not authenticate against. I'm not sure why you can't do this - you must somehow have an account on that domain which works with SQL Server if you are using integrated security.
In addition, I modified one of my main C# programs to use CreateProcessWithLogonW with LOGON_NETCREDENTIALS_ONLY (How to build RUNAS /NETONLY functionality into a (C#/.NET/WinForms) program?) so that it prompts for username and password and then re-launches itself.
Using the same API, I also made a version of RUNAS /NETONLY which will accept a password on the command-line, since RUNAS will NOT allow a password on the command-line. Obviously, this is an inherent security risk, and I don't use it frequently.
As a matter of completeness, there is also this great shell extension: http://technet.microsoft.com/en-us/sysinternals/cc300361.aspx - the regular Run As Shell extension doesn't have the ability to do the equivalent of /NETONLY.
It is possible to create a local user on each machine with the same user name and password Once these users have been created give the user on the SQL server machine access to SQL server, on your other machine your application must be running as the newly created user, if is a web app simply change application pool settings.
Did you try connecting with machineName\UserName ? I'd also imagine that such a user should be created in the SQL database well - correct?