I've a web application hosted on Windows Server 2008 64 Bit with IIS 7 and SQL Server 2008. The web application pool account is Network Service and I've added this account to SQL Server 2008 logins and mapped to user in database with dbowner rights.
This Web site is in ASP.Net 2.0 and it's using Forms Authentication to secure access to some of its resources(not all) so Anonymous Access, Imersonation=True and Forms Authentication is Enabled in IIS 7. Web application is utilizing Membership Provider Controls.
When the website starts; inside the "Application starts" it tries to connect to database and read some startup configurations. The connection string for database is saved in web.config. Following is the connection string.
Data Source=XXXXX; Initial Catalog=XXXXX; Integrated Security=SSPI; Trusted_Connection=True;
However When the application starts it failed to connect to database and I found following 3 entries in Event Log.
SSPI handshake failed with error code 0x8009030c while establishing a connection with integrated security; the connection has been closed. [CLIENT: ]
Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. [CLIENT: ]
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 4/26/2011 9:22:05 PM
Event time (UTC): 4/26/2011 6:22:05 PM
Event ID: 71a4b2cd8d40492ab89af3430cf42ea5
Event sequence: 2
Event occurrence: 1
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/5/ROOT-1-129483157247676684
Trust level: Full
Application Virtual Path: /
Application Path: C:\LMS Projects\Deployment\Web Applications\Microsoft Dynamics CRM Customer LMS Portal\
Machine name: LMS
Process information:
Process ID: 3688
Process name: w3wp.exe
Account name: NT AUTHORITY\NETWORK SERVICE
Exception information:
Exception type: LoyaltyException
Exception message: Exception of type 'LMS.Helpers.LoyaltyException' was thrown.
Request information:
Request URL: http://localhost:6666/default.aspx
Request path: /default.aspx
User host address: ::1
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE
Thread information:
Thread ID: 4
Thread account name: NT AUTHORITY\NETWORK SERVICE
Is impersonating: False
Stack trace: at ASP.global_asax.Application_Start() in c:\LMS Projects\Deployment\Web Applications\Microsoft Dynamics CRM Customer LMS Portal\Global.asax:line 27
The exception shown above is custom exception which I throws after handling the platform exception so not to be mistaken with the error in the code. This code is working fine on Windows Server 2003 and IIS 6.0 environment.
Impersonation will cause your anonymous user to be used, rather than your app pool user.
Here are a couple recommendations:
User contributions licensed under CC BY-SA 3.0