Custom DB Access Issue

Nik J
  • Custom DB Access Issue Nik J

    We have an issue in accessing custom a DB from a SharePoint custom webpart. When we try to access the custom DB from SharePoint webpart we are getting the error "Login Failed for User NTAuthority\Anonymous Logon".

    This issue occurs in the following scenario: WebApplication exists in seperate server DB Server Instance exists in seperate server and WebApplication AppPool uses "domain\someuser" and DB Server Instance has the same user "domain\someuser" and has permission to Custom DB.

    Web.config entries:

    <authentication mode="Windows" />
    <identity impersonate="true" />

    The connection string we are using is "Data Source=xxxx; Initial catalog=yyy; Integrated security=true;" We have tried with a small change in conneciontion string as well "Data Source=xxxx; Initial catalog=yyy; Integrated security=SSPI;" It didn't work.

    It works in 3 scenarios, but these are not acceptable as per our client security rules,

    1. If we modify impersonation to use the domain user <identity impersonate="true" username=”domain\someuser” password=”***” />

    2. If we add “NTAuthority\Anonymous Logon” as a user in custom DB server instance.

    3. If we use Sql Authentication “Data Source=xxxx; Initial catalog=yyy; Integrated security=false;user id=sampleuser;password=*;”

    Is there any other approach which could be used to resolve this issue?

  • Can u let me us know what is the CAS Policy ? Is it Low/Medium/Fulltrust, If its low it does not work. And one more thing can u try the elevated permission option

  • This is due to the double-hop issue. You cannot inherit the user credentials all the way to your database by using NTLM.

    You have several options though:

    • User Kerberos and delegation
    • Impersonation
    • Use specific db-credentials (optionally using the SSO service)
    • Use SQL login instead of Windows login and specify the credentials in the connection string
    • and there are more...

2007 authentication kerberos impersonation
Related questions and answers
  • 2010 SQL (Default Instance) SQL Server 2008 R2 64 Bit All the necessary steps in Spence's guide (domain accounts, permissions, rights, etc.) have been followed. The two FIM services on the APP... 22: The Forefront Identity Manager Service cannot connect to the SQL Database Server. This error now only exists once in the logs. The User Profile Sync service is now stuck at starting rather than... establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure. Event 18452 Login

  • to a dataset that was created (.xsd file). We have a web.config connection string that looks like: &lt;add name="crmConnectionString" connectionString="Data Source=myservername;Initial Catalog=CRM;User Id=xyz123;Password=***************;Integrated Security=False;Connect Timeout=30;" providerName="System.Data.SqlClient" /&gt; As I mentioned, this application works fine in VS2005, VS2008, and also...; &lt;asp:Parameter Name="Domain" Type="String" /&gt; &lt;asp:Parameter Name="code" Type="String" /&gt; &lt;asp:Parameter Name="meaning" Type="String" /&gt; &lt;asp:Parameter Name

  • Hello I really need help with this... , I am using Sharepoint 2007. I have the 'collect data from user' action in a workflow - which generates a custom form within the workflow folder. The form... on this? I have pasted the form's DataFormWebPart below for reference: Many Thanks! &lt;WebPartPages:DataFormWebPart runat="server" IsIncluded="True" FrameType="None" NoDefaultStyle="TRUE" ViewFlag="0...;DataSources> &lt;SharePoint:SPDataSource runat="server" DataSourceMode="ListItem" UseInternalName="true" selectcommand="&lt;View&gt;&lt;ViewFields&gt;&lt;FieldRef Name

  • ()); } UPDATE: Based on feedback from Wictor, I tried the following: &lt;?xml version="1.0" encoding="utf-8"?&gt; &lt;webParts> &lt;webPart xmlns=""&gt; &lt...I'm trying to add a custom web part (that is one I have written myself) using the new Javascipt OM available with SharePoint 2010. My solution is also running within the Sandbox. I have it working...;?xml version=\"1.0\" encoding=\"utf-8\"?&gt;"; //webPartXml = webPartXml + "&lt;WebPart xmlns:xsi=\"\" xmlns:xsd=\"\" xmlns

  • [A content has been removed from Latest Events. &lt;br/&gt;Thank You]]&gt; &lt;/HTML> &lt;/Case> &lt;Default> &lt;GetVar...I've customized alert notification template for Announcements list. Here is custom code: &lt;Immediate> &lt;Subject> &lt;Switch> &lt;Expr> &lt;GetVar Name...; &lt;Case Value = "1"&gt; &lt;HTML> &lt;![CDATA[A new content has been added to Latest Events. To view, please visit: &lt;a href

  • Powershell as domain administrator (so I have rights to access domain accounts) I didn't install SQL Server 2008 KB 970315 x64, because I'm running R2 version - as I understand this is SQL Server 2008 SP2...I'd really like to prepare development environment for Sharepoint 2010. This is what I did: I installed Windows 7 x64 I installed VMWare Workstation Created a VM domain controller based on Windows... (Windows6.1-KB974405-x64.msu) Enabled all roles indicated in the list (IIS and WCF) Installed Sharepoint Foundation 2010 didn't run the product configuration wizard (yet) created two additional domain user accounts

  • I am using SharePoint 2007 Enterprise + Publishing portal template + Windows Server 2008. And I am developing using ASP.Net + C# + .Net 3.5 + VSTS 2008 on SharePoint Server 2007. I am developing a custom authentication provider based on Forms authentication. When an anonymous access a page which needs authentication, by the default behavior, the login page will be redirected. My requirement is, when a user access a page for the first time in my SharePoint site which needs authentication, if there is a special URL variable in current http session called "Identity", I want to treat the user

  • am developing); If the value Identity variable is null, it means anonymous user. And if the Identity value is not null (means an authenticated user), I will using a WCF interface to find user information (e.g. user name and email address) from the Identity variable; The actual user name, user profile (e.g. email address) and password are maintained by the other site; My site will manage roles...I am using SharePoint 2007 Enterprise + Publishing portal template + Windows Server 2008. I am developing using VSTS 2008 + C# + .Net 3.5. I need to implement SSO (Single Sign On feature

  • We recently migrated some applications from SharePoint 2007 to SharePoint 2010. The application uses the SiteData.asmx web service. After the migration there are Access Denied errors, withtout any.... The error I get is: Server was unable to process request. ---> Access is denied. System.Web.Services.Protocols.SoapException: Server was unable to process request. ---&gt; Access is denied... with claims based authentication? Update The real issue is Multiple Membership Providers not really working in a lot of situations. We have to following issues: legacy web services do not fully work. odata

Data information