堆栈内存溢出
  简体   繁体   English

由于切换到IIS7,因此使用匿名登录连接到SQL

[英]Connecting to SQL with ANONYMOUS LOGON since switch to IIS7

 原文  2008-11-14 08:22:23       asp.net/ iis/ iis-7

问题描述

I've recently had my PC upgraded to Vista, which means it includes IIS7. 我最近将PC升级到Vista,这意味着它包含IIS7。 The problem is that the ASP.NET website we're working on doesn't work anymore. 问题是我们正在使用的ASP.NET网站不再起作用。 I get an error because the application is trying to connect to the SQL Server with NT AUTHORITY/ANONYMOUS LOGON instead of my domain user, and anonymous isn't authorized. 我收到一个错误消息,因为该应用程序尝试使用NT AUTHORITY / ANONYMOUS LOGON(而不是我的域用户)连接到SQL Server,并且未授权匿名。 I've tried several things, but no solution yet: - install and enable the 'IIS Metabase and IIS 6 configuration compatibility' - enable Windows Authentication for this website - created a different Application Pool with managed pipeline mode set to Classic - enabled IIS6 WMI compatibility and IIS6 management console (getting desperate here) 我已经尝试了几件事,但是还没有解决方案:-安装并启用“ IIS元数据库和IIS 6配置兼容性”-为该网站启用Windows身份验证-创建了将托管管道模式设置为“经典”的其他应用程序池-启用了IIS6 WMI兼容性和IIS6管理控制台(在此绝望)

In our web.config there's and in our machine.config there's . 在我们的web.config中,在我们的machine.config中,有。 I've tried putting impersonate to false and entering my domain user and password in the machine.config (it used to be like this) but that didn't help either. 我曾尝试将假冒的身份设置为false,然后在machine.config中输入我的域用户名和密码(以前是这样的),但这也无济于事。

Are there things I'm missing? 有什么我想念的吗? Has anyone else had a similar problem? 还有其他人有类似的问题吗?

4 个解决方案

解决方案1
 1  2008-11-15 05:21:22

How does your application authenticate with SQL Server? 您的应用程序如何通过SQL Server进行身份验证? Does it use SQL or Windows Auth? 它使用SQL还是Windows Auth? I hope you are trying to use Windows Auth. 希望您尝试使用Windows Auth。 In that case, your IIS worker process should be running under that Windows user account. 在这种情况下,您的IIS工作进程应在该Windows用户帐户下运行。 If not, it should at the least impersonate a Windows user account that has necessary access rights to SQL Server. 如果不是,它至少应模拟一个对SQL Server具有必要访问权限的Windows用户帐户。 If you have impersonation enabled and if you are using the right Windows user account and if SQL Server authenticates using Windows auth and if you are still unable to access SQL Server, you may be running into the classic double hop issue. 如果启用了模拟,并且使用的是正确的Windows用户帐户,并且SQL Server使用Windows auth进行了身份验证,并且仍然无法访问SQL Server,则可能会遇到经典的双跳问题。 In other words, you are trying to authenticate to IIS once and you are using the same crdentials to authenticate to the SQL Server over a network next(which is your second hop) and Windows does not allow that for security reasons. 换句话说,您尝试一次向IIS进行身份验证,并且使用相同的凭据通过网络(这是您的第二跳)通过网络向SQL Server进行身份验证,并且出于安全原因,Windows不允许这样做。

解决方案2
 1 已采纳  2008-11-20 12:13:57

I believe I have found a/the solution. 我相信我已经找到了解决方案。 At least it's working now. 至少现在正在工作。 This is what I did: 这是我所做的:

  • The website is now running in a seperate application pool with Managed Pipeline mode set to classic, Load userprofile set to False and Identity set to custom and using a domain user (and password) that has access to the database. 该网站现在在单独的应用程序池中运行,其“托管管道”模式设置为“经典”,“加载用户配置文件”设置为“ False”,“身份”设置为“自定义”,并使用有权访问数据库的域用户(和密码)。
  • Under 'authorization' of the website itself, I have Anonymous set to enabled and ASP.NET impersonate set to disabled. 在网站本身的“授权”下,我将“匿名”设置为启用,将ASP.NET模拟设置为禁用。
  • in the web.config of the site is also set. 在站点的web.config中也已设置。

Credit where it's due, this site helped me. 归功于该站点该站点对我有所帮助。

解决方案3
 0  2008-11-18 08:13:28

I'm sorry to say I can't look into the issue any further. 很抱歉,我无法进一步调查该问题。 Indeed, it probably is something with the way we connected to SQL Server (Win Auth) because we've changed it now. 确实,这可能与我们连接到SQL Server(Win Auth)的方式有关,因为我们现在已经对其进行了更改。 Now we connect with username and password in the connection string and it's solved. 现在,我们在连接字符串中使用用户名和密码进行连接,此问题已解决。 So I can't really say if you provided the answer, msvcyc, but I did vote on your solution. 所以我真的不能说您是否提供了答案,msvcyc,但我确实对您的解决方案进行了投票。 Thanks for the time and trouble. 感谢您的时间和麻烦。

解决方案4
 0  2008-11-23 11:30:37

Well, I recommend you migrate to Integrated mode if there is not too many troubles to enjoy the innovation it brings. 好吧,如果没有太多麻烦可以享受它带来的创新,我建议您迁移到集成模式。 :) :)

http://mvolo.com/blogs/serverside/archive/2007/12/08/IIS-7.0-Breaking-Changes-ASP.NET-2.0-applications-Integrated-mode.aspx http://mvolo.com/blogs/serverside/archive/2007/12/08/IIS-7.0-Breaking-Changes-ASP.NET-2.0-applications-Integrated-mode.aspx

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 通过本地IIS7通过别名连接到SQL Server时出错 - Error connecting to SQL Server via alias from local IIS7 我应该切换到IIS7 URL重写吗? - Should I switch to IIS7 URL rewriting? IIS7 —启用表单/匿名身份验证的401.2错误 - IIS7 — 401.2 Error with Forms/Anonymous Auth Enabled 在 IIS7 上的雅加达重定向后使用 Windows 集成身份验证和匿名 - Using Windows Integrated Auth & Anonymous after jakarta redirect on IIS7 使用受信任的连接使用IIS7从DMZ Web服务器连接到内部SQL Server 2008 R2? - Connecting to internal SQL Server 2008 R2 from DMZ web server using IIS7 using a trusted connection? 从IIS7打开SQL连接? - Opening SQL Connection from IIS7? IIS7中的SQL Server和Windows身份验证 - SQL Server and windows authentication in IIS7 匿名访问(IIS)和SQL Server - Anonymous access (IIS) and SQL Server IIS7应用程序使用了错误的SQL Server 2008 Express数据库 - IIS7 application using wrong SQL Server 2008 Express database 连接到ASP.NET IIS7托管网站时出错,“ /”应用程序中出现服务器错误 - Error connecting to ASP.NET IIS7 hosted website getting error Server Error in '/' Application
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM