Login failed for user NT AUTHORITY\IUSR
https://dba.stackexchange.com/questions/233386
-
26-01-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianFrage
I have some developer colleagues in my office that are having a problem similar to this one:
db connection uses an anonymous logon instead of the domain user
the connection string (he is working on his local machine) is:
Data Source=localhost\Development;Integrated Security=SSPI;Database=COLA;Connection Reset=FALSE
and it is getting the error message below:
Login failed for user 'NT AUTHORITY\IUSR'.
where this login AUTHORITY\IUSR came from - we don't need it?
How can we make the Integrated Security=SSPI; get his local login instead of the AUTHORITY\IUSR?
Lösung
Following the links in the comments provided by Biju jose and vonPryz
Understanding Built-In User and Group Accounts in IIS 7
Configure ASP.NET Impersonation Authentication (IIS 7)
we were following these steps:
To grant an anonymous account rights on the network by using IIS Manager:
Click Start, type INetMgr.exe, and then click Enter. If prompted, click Continue to elevate your permissions.
In the Connections section, click the + button next to the name of your computer.
In IIS Manager, double-click the site that you want to administer.
In the Features View, double-click Authentication.
Select Anonymous Authentication, and then click Edit in the Actions pane.
In the Edit Anonymous Authentication Credentials dialog box, click the Specific user option, and then click Set.
In the Set Credentials dialog box, input the user name and password desired, and then click OK.
But instead of doing the number 6 we just changed the setting to
Application Pool Identityas you can see on the second picture below.
Changing the IIS settings to Application Pool Identity allowed the Windows Authentication to kick in and the active directory account was used to login into sql server.
That account had been previously configured to do so, therefore no more login problems for that user.
I would add that: Is “NT AUTHORITY\ANONYMOUS LOGON” login “mandatory”?
Andere Tipps
I just got this error and solved it on my own. In SQL Server Management Studio, create a new login NT AUTHORITY\IUSR. Add it to the roles public and systemadmin.
