question

SAN1901 avatar image
SAN1901 asked

[Microsoft][ODBC SQL Server Driver][SQL Server]Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'

Hi All:

Maybe I did not explain myself very clear. Here you have a better description of the problem:

Scenario:

Server1: Windows Server 2003 with IIS and SQL Server 2000 running together. An ODBC connection is used to connect the pages on the IIS to the database in SQL. IIS, ODBC and SQL server are using Windows authentication (Anonymous is disable in the IIS.) The ODBC verify the authenticity of the login ID with Windows NT authentication using the network login ID.

Server 2: Windows Server 2008 (Datacenter), SQL Server 2008. Even thought, I installed IIS in this server, I do not use it for anything else but Reporting Services. IIS is in a default configuration.

Here it is the change I am trying to accomplish: 1. A moved the database from Server 1 (SQL 2000) to Server 2 (SQL 2008). No problems so far. I can access the data in both servers without any problem and run all store procedures, etc., etc. using the SQL Management Studio.

  1. I go to Server 1 and change the ODBC connection to point to the new location (Server 2) and I get the following error when I try to access the database thru Internet Explorer on my PC.

Description: [Microsoft][ODBC SQL Server Driver][SQL Server]Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
Source: Microsoft OLE DB Provider for ODBC Drivers
SQLState: 28000
NativeError: 18456

  1. The servers are located in the same domain. We use active directory. I belong to the administrator group of the domain and I have administrator rights on both SQL Servers.

  2. The pages that connect to the database were created using regular ASP/ADO and VBScript. Nothing fancy, plain vanilla code as you can see by the following VBScript section of a page:

On Error Resume Next

Dim oConn
Dim blnCriticalError

Set oConn = Server.CreateObject("ADODB.Connection")
oConn.Open "DSN=ODBCName"

Set oRSz = Server.CreateObject("ADODB.RecordSet")
oRSz.Open "SQLTable", oConn

  1. Are there any suggestions on how to solve this problem? I do not want to use AUTHORITY\ANONYMOUS to connect to the SQL server which if I added to the logins of the SQL server 2008 the page works just fine.

Thank you all.

sql-server-2008securitypermissions
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

2 Answers

·
Matt Whitfield avatar image
Matt Whitfield answered

Are the two SQL servers in the same domain? If not, is there a trust relationship between the domains to which they belong?

1 comment
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

SAN1901 avatar image SAN1901 commented ·
Yes, both servers are in the same domain.
0 Likes 0 ·
Jimmy avatar image
Jimmy answered

Look at the SQL 2008 box's security. is it set to Windows Auth or mixed?

You should also look at the web apps config...

It doesn't look like the app is getting the users credentials

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.