I've just finished my c# application with sql database built in 2008 r2 version
I wanted to share this database over LAN and my connection string is :
ConnectionString = #"Data Source=192.168.0.1,1433\SQLEXPRESS;user id=Rula; password=marojo;AttachDbFilename=\\192.168.0.1\Release\WEPA.mdf;Connection Timeout=30;Integrated Security=SSPI;user instance=true";
where 192.168.0.1 is the IP of the computer hosting the sqlexpress instance
when I connect to database locally from the hosting computer I get no errors, but when I try to connect to the database from the shared application I get the following error:
User doesn't have permission to perform this action.
while I mapped the GUEST user to my database on the hosting machine since I knew that if a computer try to connect to database remotly, it connect as guest.
notice: I have my application and database shared over network in the same folder, and again locally everything is ok
Please what can I do to solve this problem ????
thanks in advance =-)
If the 2 machines are not on the same domain this will fail. You might want to use sql logins
The guest account would not be used in an trusted connection. The integrated connection uses the user account attached to the process using the connection string.
http://forums.asp.net/t/822604.aspx/1
If you wanted to use integrated security, the web server would need to be configured to digest logins and then you would need to grant access to all (potential) authenticated users access to the database. This is typically not done due to the unnecessary complexity you are adding to the process. Just use sql links like Ali stated and be done with it.
Okay, I see a couple things that are wrong in your connection string.
Namely, you have defined a user id and password... then you go on to set the Integrated Security flag. These are mutually exclusive. Either it connects as the same user that the app is executing under (most likely the app pool user account) OR it connects as the user defined in your connection string.
The reason you see a difference between 7 and XP is simply that one is defaulting to using the user id / password, the other is defaulting to using integrated security.
I suggest that you visit http://www.connectionstrings.com/ in order to build a proper connection string.
Update:
Other things I see. First, AttachDbFilename can only work with integrated security. Obviously that isn't a possibility, so you need to get rid of that parameter and configure sqlexpress directly on the server to target that database file.
Second, User Instance is for desktop deployments.. not servers. Get rid of it as well because it's going to be a huge memory hog.
Third, read this: http://msdn.microsoft.com/en-us/library/ms247257(v=VS.100).aspx
There are quite a few reasons this could be happening:
SQL Browser service not turned on
Connection string using a trusted connection and you are not set up as that user (check what user your code is using by getting User from the current context)
You do not have the same protocols set up on the client (less likely)
Since it is a permissions issue, you will most likely have to set up your windows domain account in the database to use it. If that is not an option for the application users, then you may desire to move to a sql account rather than windows accounts.
problem solved !!
there was just attaching problem when the database is attached to sql server management studio it's attached as an old name or related to the computer it's copied from
Thank you everyone for your effort : )
Related
I have two machines: WEB-FE and WEB-BE. WEB-BE is running SQL Server and on WEB-FE is running IIS. Both are on Server 2019, and are a part of a workgroup. They are not joined to any AD domain. We are using .NET 6.
My current working connection string is this:
Data Source=web-be;Initial Catalog=MyDb;Persist Security Info=True;User ID=MyApp;Password=thebesteverpassword
I want to connect to the database via the application pool user and not use the userid/password combo, but I haven't been able to make that happen, in spite of my efforts.
As far as I know, the Application Pool needs to be set up and run as a local user, so that when it connects to SQL Server on the other machine, the user will be the same as what SQL Server has on its side for a user.
I haven't been able to find actual instructions on how to do this step by step, which surprises me. Most everything I've seen says that AD and integrated security are the way to go, but I can't do integrated security because these two machines are not on the domain and won't be; they're in a workgroup. I am able to connect by specifying the user/password combination in my appsettings.json, but since this is not a best practice, I want to not do that.
I would like to get instructions on what the appsettings.json connection string should look like, what set up needs to be done on the FE server with IIS, and what set up needs to be done on the BE server with SQL Server, so that when I make a database call (via Entity Framework Core) I'll get the data that I'm looking for.
This should be as simple as
Create a local user with the same name and password on both server.
Create a login and user with permissions for this windows user in SQL Server.
Configure your IIS App Pool to run as this user, and use the in-process hosting model.
Use Integrated Security=true in your connection string.
I've just start working on an ASP.NET Web Application in Visual Studio 2015 and SQL Server 2014. Somewhere, I need to connect to my local database and I use this:
ConnStr = "Data Source=(localdb)\\MSSQLLocalDB;Initial Catalog=my_db;Integrated Security=True";
It works fine when I run the application through VS in my browser. I can access the db and do whatever I want to do. But, when I publish my application in IIS Web Server, and then I open it in browser, it still works OK until I have to access the db. At that moment it throws SqlException:
System.Data.SqlClient.SqlException: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. .
Maybe it is a server name problem and I should use an IP and a Port instead of that name, but I'm not sure because I don't have experience on this.
You are correct: You should use server name and/or IP in your connection string.
Using something like "local" or "localhost" means that your code is not portable. Another option would be to store your connection strings in two separate config files - one for your local copy (for development and troubleshooting) and one for your server (for portability). I have two config files in my solutions:
Web.config
WebServer.config
Then, when I deploy to the server, I just delete Web.config and rename WebServer.config to Web.config. It's totally portable and you'll never have connection string troubles again!
Also noteworthy: you're not including credentials in your connection string, which means that you're using windows authentication when connecting to SQL server. When debugging through visual studio, the application will run as you - and if you have the needed permissions, it will work. However, when running in IIS, it won't be running as you (at least, it SHOULDN'T be) - so you could run into issues there, as well.
EDIT
This link might be useful for you: https://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlconnection.connectionstring.aspx
Your connection string should look like this:
Data Source=192.168.1.10,1433;Initial Catalog=YourDatabaseName;User ID=SqlUserName;Password=SqlPassword;Connection Timeout=60; Max Pool Size=3000;
(you can set max pool size and connection timeout to whatever you want - or omit them entirely.
Also, regarding your windows issues - you need to make sure that the windows account IIS is using has permissions to traverse your network and reach your SQL Server instance. That said, I suggest that you use a SQL account instead of windows authentication.
Since you are using integrated security in connection string you will have to modify the Identity of App pool under which your application is running.
The Identity will be your windows username and password.
To change the username and password you need to go the advance settings of the app pool and process model you can see identity where you can add your windows credentials
Hope this helps
There are two problems in you connection string:
"Integrated Security" means you are using the native windows system for authentication. Similar to opening SSMS on the database using your Windows password. IIS is now trying to connect to the database, and connection string is telling to use the process that IIS is running under.
You can create a non-windows user in SQL Server and put the credentials into the connection string. Or you can grant the IIS user DB privileges. Or you can a lot different things here, but theses are the easiest to get you moving.
THe second problem in the connection string is the data source. Is there SQL Server on you local machine? If so that's why it's not working. Try to run your app in VS but against the remote SQL Server. That should be your next step.
The problem was that I thought that SQL Server was installed automatically with VS or at least with SQL Server Management Studio. BUT NO. So, as far as I understand, till know I have not worked with a real SQL Server. When I checked SQL Server Configuration Manager there were nothing running at SQL Server Services and so I realized that I was missing something.
Then, I installed SQL Server Express and build my db there. Now it is working fine even when I publish it. The connection string is
Data Source=.\\SQLEXPRESS;Initial Catalog=my_db;User ID=username;Password=pass
It can also be:
Data Source=localhost\\SQLEXPRESS;Initial Catalog=my_db;User ID=username;Password=pass
I need to use data base locally. I have created database in (LocalDB)\v11.0 Server with Visual Studio 2012. Everything is ok when connecting from e.g. console application. But my application is Windows Service. trying to connect to my data base outputs with:
"... The login failed.Login failed for user 'NT AUTHORITY\SYSTEM"
Is there any solution for this? Maybe I should think of setting up other db server for it? If yes, how to set up it so that it would be visible only locally?
So i found out solution myself, how to connect instance of (localdb) from Windows Service which runs as Local System:
I used this articles:
http://technet.microsoft.com/pl-pl/library/hh212961.aspx
http://dba.fyicenter.com/faq/sql_server_2/Verifying_a_Login_Name_with_SQLCMD_Tool.html
http://social.technet.microsoft.com/wiki/contents/articles/4609.troubleshoot-sql-server-2012-express-localdb.aspx
So i shared my localdb (as in 1st article) the problem was I couldn't connect with sqlcmd named pipe np://. I found anwer in 3rd article:
When using sqlcmd, ensure that you are using the SQL Server 2012
version (found in %Program Files%\Microsoft SQL
Server\110\Tools\Binn). If you have previous versions of sqlcmd
installed, calling sqlcmd alone from the command line will most likely
use the old version (which isn't localdb-aware) since the older path
appears first in your PATH environment variable. It may be a good
idea, in general, to manually adjust your PATH environment variable so
that the 110 versions are picked up first.
This small information in fact was crucial;)
so i created user: user with password: pass321!#.
In my windows service my Sql connectionString looks:
"Data Source=(localdb)\\.\\MyInstanceShared;Integrated Security=false;User Id=user;Password=pass321!#"
Integrated security set to false value is also important.
Maybe it will help somebody.
Probably your connection string is using the current Windows User account (the account that runs the service could be the one seen on the error) to connect to the database (and that user account does not have access).
What I would do is that I would change the database to allow "mixed authentication" (this means SQL users and Windows users too) and then I would create a new user, assign that user the required permissions to work with your app and then use that userName and password in the connection string from your windows service.
You could also leave the DB as it is and add user "System" from Windows and then assign the required permissions to it. You can just add "dbo" profile to a user to make it work fast (but check security later before releasing your product).
I think that you need to allow remote connection to your SqlServer.
In the Sql Server configuration manager, under SQL Network Configuration, chose your server and check that TCP/IP is enabled.
In my case, doublic click on TCP/IP, go to the bottom "IPAll" and set dynamic ports empty and TCP Port to 1433.
Let me know if it's enough.
I know this is an often asked question, but I'm still receiving this error and I have tried:
Using localhost, the IP address and the instance name in the
connection string
Changing the SQL Server Configuration Manager so
Named Pipes and TCP are both enabled Ensured the database is set to
allow remote connections
Opened 1433 & 1434 for UDP & TCP in Windows Firewall, in fact I
tried turning off the firewall for a moment to see if it would
connect
Ensured the browser & the MSSQLSERVER service are both up and
running using NETWORK SERVICE
Now for some oddness. The SQL Server instance and the IIS running the website are on the same machine.
If I open a browser and browse to the website I get the error. If I open a browser on my local machine and browse to the website I get the error. If I change the connection string in my development PC to the IP address of the remote server running SQL server and debug the application it connects and runs without error!
I am totally at a loss now as to what could be the error.
This is SQL Server 2008 RC2.
I'm on the verge of giving up - I very much appreciate the efforts you guys have made, I have tried all the suggestions here and I am coming to the conclusion that something must have gone awry in the set-up of the server, the website or the database. Just to reiterate if you remote desktop onto the server and connect to the website using http://gdservers you can login and it all works fine, if you use http://gdservers.<domain>.co.uk the login fails. The error in the event log is a membership credentials failure, not blocked by firewall or anything like that. If there's any other suggestions I'd love to hear them, thanks again.
If your web app intends to use SQL Server Authentication with a SQL login/password then make sure that your connection string explicitly states Integrated Security=False. Otherwise your connection may default to Windows Authentication and not behave as expected.
Edit
Also, be sure that the connection string you're tweaking is the one that is actually being used to make the connection. Sometimes things can get confusing when an application has multiple components that may have their own configuration settings. For example, the problem in the thread here turned out to be:
I was updating the connection string on the web.config but, it's a multitier application, the data access component is in a separate .dll and has its own connection string.
Edit
I'm beginning to wonder if the SQL Membership Provider is using Windows Authentication to connect to the SQL Server even if your data connections aren't. Check out the video here and perhaps review your settings (especially the authentication setting in the provider setup steps).
I don't think anyone spotted it and I only spotted it on Wednesday and then realised I'd made another error. If someone has mentioned it above let me know and I'll change the award and give them the points.
The applicationName was missing from the membership provider. I spotted it on Wednesday and added one in, what I didn't realise I'd done is made a spelling mistake when adding the applicationName in, so when I did this, it didn't fix it, so I thought it wasn't the problem.
Yesterday whilst reviewing the code I noticed I spelt the applicationName 'GSServers' instead of 'GDServers' when I changed it, it all started working.
Not a very satisfactory conclusion and I apologise.
Thank you to everyone who tried to solve this problem and sticking with it.
As I said if someone did mention this in an answer or comment somewhere let me know and they can have the points.
Stupid question but, have you checked the credentials of the login? I'm still very much a noob in this area but I found out thru backing up and restoring a database (at least in MS SQL Server) that the restored user login doesn't work.
I've had to delete the user from the database and add it back in, then everything works fine. Could it be you are accessing a different version of the database on the non-working machine?
How are you indicating the Data Source/server name in your connection string? I've encountered situations where there was a hosts file on the server redirecting elsewhere, or the server was indicated by a domain name which resolved to the external IP address of the server, or other similar oddness.
Also, if you have SQL Serve installed on the server, do you also have Management Studio installed there? It's the quickest way to rule out code or permission errors, just trying variations through Management Studio until you find login details that work (or know that none do).
Usually the easiest and most secure way is using integrated security:
<connectionStrings>
<add name="HitCounterContext"
connectionString="Data Source=(local)\SQLEXPRESS;Initial Catalog=db;Integrated Security=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
Make sure you use the correct instance name, which per default is "SQLExpress". I don't know how IDEs work with that, but using this connection string with IIS should at least connect successfully (which is not equal to authentication).
Maybe the authentication fails because your database must have a user for the app pool account. If you disable custom errors in your web.config so you get .net error messages, the error message should tell you that the authentication failed for the app pool user (the message actually tells you which user is used). For instance: If you create a new website called "yoursite.com" using IIS 7, per default it creates a new app pool with the name "yoursite.com". With that you'll have to add a user to the database for IIS APPPOOL/yoursite.com (might not be in the users list) and let it be the db_owner for testing.
Add the user for the app pool using "SQL Server Management Studio" like that (sorry it's german. This actually is the form after the user was added, but it should look the same while adding):
After that, your users list should look like
and the servers login list like
where each app pool has its own login for the server and user for the respective database.
By the way: Connecting from the Management Studio works just the same like from your asp.net app, except that you normally use your current user with SMS:
So, if this works, the connection from your app should do as well. The rest relies on the user for the app pool.
The fact that it's trying to login as sa locally suggests you're not using the connection string in your code; I don't think it's a SQL server problem, but an app problem.
In your app, make sure you're actually using the value of the connection string. Don't use the default constructor. E.g.
using(SqlConnection conn = new SqlConnection(WebConfigurationManager.ConnectionStrings["myconnectionstring"].ConnectionString)){ /* .. code */ }
not
using(SqlConnection conn = new SqlConnection()){ /* .. code .. */ }
If I change the connection string in my development PC to the IP address of the remote server running SQL server and debug the application it connects and runs without error!
It's possible you're dev box has been added an authenticated login, and it's automagically "working".
Comment: Using SSPI with a windows user account is preferable from a security perspective.
Answer:
Port 1433 is used for SSL by the default (unnamed) instance.
Ensure that your named instance has an SSL port properly assigned:
http://blogs.msdn.com/b/sqlexpress/archive/2005/05/05/415084.aspx
Try these connect strings (note that they don't use 'localhost' - which is case sensitive, I believe):
'Provider=SQLOLEDB;Data Source=COMPUTERNAME\SQLEXPRESS;Initial Catalog=Test;User ID=COMPUTERNAME\USERNAME; Password=PASSWORD;Integrated Security=False'
'Provider=SQLOLEDB;Data Source=.\SQLEXPRESS;Initial Catalog=Test;User ID=COMPUTERNAME\USERNAME; Password=PASSWORD;Integrated Security=False'
'Provider=SQLOLEDB;Data Source=.\SQLEXPRESS;Initial Catalog=Test;User ID=COMPUTERNAME\USERNAME; Password=PASSWORD;Integrated Security=SSPI'
ADDITIONAL EDIT:
Whenever client is run on same machine as SQL Server, the error occurs. When client is run from dev machine, no error. You may be failing to resolve the machine name because DNS does not support any of the names.
Suggestion: Connect using localhost. Ensure you can ping localhost and/or telnet localhost 1433. Ensure your hosts file (e.g. C:\Windows\System32\drivers\etc\hosts) has entry:
127.0.0.1 localhost
Alternatively, use: (local)\INSTANCENAME
Run SQLCMD –L to list installations (confirming correct browser operation).
Ensure you don't have older versions of the management tools ensured on the same server. E.g. 2008 & 2005 tools cannot coexist - but 2008 tools are backwards compatible, so you can delete both and just cleanly install 2008.
I am working on a C# web service.
I have deployed a web service which is working perfectly on my local system but when I try to run the same service on my virtual dedicated server it is returning an error.
This is my connection string
Data Source = <serverinstance>\\SQLEXPRESS; Initial Catalog = DomainTable; User ID= <serverinstance>\\admin; Password = <Windows_Login_Password>
Before this I was using this connection string
Data Source=<serverinstance>\\SQLEXPRESS; Initial Catalog=DomainTable; Integrated Security=SSPI";
None of them is working for me. please help its really really important
Data Source=serverinstance\SQLEXPRESS;
-----------------------------------------^ only one slash here
Also make sure that the remote server can see whatever you've referenced as <serverinstance>. You may have this as localhost but your web server does not consider your machine to be localhost. It may also not be able to reach it by name, particularly if it is in a different domain.
If you are trying to use Windows Authentication, there is no way on earth you should be using:
User ID = serverinstance\admin; Password = Windows_Login_Password
Wow, never hard-code a Windows password anywhere. If you want to use SQL authentication, then set up . Otherwise you should be using this instead of User ID / Password:
Persist Security Info = true;
And ensuring that the IIS user has been granted access to your SQL Server.
Try just;
"data source=.\\SQLEXPRESS;Integrated Security=SSPI;initial catalog=DomainTable"
I believe the user name / password are generally only required for remote connections, and you must set them up for the specified DB. The above connection string should get you going on the running instance of sqlexpress on the local machine if you have not made login credentials required.
Edit
If you are using IIS to host, here is a chunk from a recent article I did for deploying and setting up App pools to work with SQL Express 2008. Even if you are not using IIS, you will still need to do something like this to get your hosting environment set up correctly with SQL Server.
Step 1 Create a DB Logon for the IIS USER
In the security section in MS SQL SERVER, need to right click users and your IIS APPPOOL(IIS APPPOOL\apppoolname, created in Section one, Step 2).Check out dp.'s answer here for more step by steps - Add IIS 7 AppPool Identities as SQL Server Logons
Step 2 Setting Permissions for the IIS USER on the db
Right click on the database name, and click properties. In permissions section add your APPPOOL user that you just created, be sure to give him the Execute \Select permissions needed .
Note: Website1 needs Execute, Select, Delete, Insert permissions as well. Website2 is also using this app pool which it shouldnt be because we dont not need to alow the user to have that kind of functionality from within the trimdynamics application. We could seperate the app pools so that our trim dynamics IIS USRS is only getting Execute and Select permissions.
If this does not help, it is hard to tell whats really going on without concrete knowledge of your hosting structure, as there are lot's of gotch-ya's when deploying from development to production environment :(