用户 IIS 登录失败 APPPOOL\WebExploit
Login failed for user IIS APPPOOL\WebExploit
我在 ASP.NET MVC 网站中使用 Windows 针对 Active Directory 的身份验证。我现在正在尝试部署站点进行测试,但问题是我在登录时不断收到以下异常:
Cannot open database "PrincipalServerDB" requested by the login. The login failed.
Login failed for user 'IIS APPPOOL\WebExploit'.
我已按照本教程进行部署以进行测试:https://docs.microsoft.com/en-us/aspnet/web-forms/overview/deployment/visual-studio-web-deployment/deploying-to-iis
我按照此处所述使用身份验证:
http://tech.trailmax.info/2016/03/using-owin-and-active-directory-to-authenticate-users-in-asp-net-mvc-5-application/
使用 OWIN 身份验证。
我意识到我的问题缺乏理解,但这是因为我不明白发生了什么。我已尝试按照此 post 中描述的步骤进行操作,但我已经完成了一个 Grant.sql 脚本来授予访问权限,如下所示:
IF NOT EXISTS (SELECT name FROM sys.server_principals WHERE name = 'IIS APPPOOL\DefaultAppPool')
BEGIN
CREATE LOGIN [IIS APPPOOL\DefaultAppPool]
FROM WINDOWS WITH DEFAULT_DATABASE=[master],
DEFAULT_LANGUAGE=[us_english]
END
GO
CREATE USER [WebExploitUser]
FOR LOGIN [IIS APPPOOL\DefaultAppPool]
GO
EXEC sp_addrolemember 'db_owner', 'WebExploitUser'
GO
他们在第一个教程中说:
When the application runs in IIS on your development computer, the application accesses the database by using the default application pool's credentials. However, by default, the application pool identity does not have permission to open the databases. So you have to run a script to grant that permission. In this section you create the script that you'll run later to make sure that the application can open the databases when it runs in IIS.
也就是说是应用程序有权限吧?不是实际用户?
不知道怎么解决...
如果我查看 SSMS,在我的 PrincipalServerDB 属性中,授权显示 WebExploitUser 已定义。
这是我在 IIS 中的应用程序池:
'Démarré' 表示以法语开头。
如果您按原样执行您发布的代码,您将在 master 数据库中创建用户,而不是在您的用户数据库中。所以你应该在用户数据库中创建它并从 master.
中删除它
所以需要执行以下代码:
use PrincipalServerDB;
create user [IIS APPPOOL\WebExploit] from login [IIS APPPOOL\WebExploit];
EXEC sp_addrolemember 'db_owner', 'IIS APPPOOL\WebExploit';
我在 ASP.NET MVC 网站中使用 Windows 针对 Active Directory 的身份验证。我现在正在尝试部署站点进行测试,但问题是我在登录时不断收到以下异常:
Cannot open database "PrincipalServerDB" requested by the login. The login failed. Login failed for user 'IIS APPPOOL\WebExploit'.
我已按照本教程进行部署以进行测试:https://docs.microsoft.com/en-us/aspnet/web-forms/overview/deployment/visual-studio-web-deployment/deploying-to-iis
我按照此处所述使用身份验证: http://tech.trailmax.info/2016/03/using-owin-and-active-directory-to-authenticate-users-in-asp-net-mvc-5-application/ 使用 OWIN 身份验证。
我意识到我的问题缺乏理解,但这是因为我不明白发生了什么。我已尝试按照此 post 中描述的步骤进行操作,但我已经完成了一个 Grant.sql 脚本来授予访问权限,如下所示:
IF NOT EXISTS (SELECT name FROM sys.server_principals WHERE name = 'IIS APPPOOL\DefaultAppPool')
BEGIN
CREATE LOGIN [IIS APPPOOL\DefaultAppPool]
FROM WINDOWS WITH DEFAULT_DATABASE=[master],
DEFAULT_LANGUAGE=[us_english]
END
GO
CREATE USER [WebExploitUser]
FOR LOGIN [IIS APPPOOL\DefaultAppPool]
GO
EXEC sp_addrolemember 'db_owner', 'WebExploitUser'
GO
他们在第一个教程中说:
When the application runs in IIS on your development computer, the application accesses the database by using the default application pool's credentials. However, by default, the application pool identity does not have permission to open the databases. So you have to run a script to grant that permission. In this section you create the script that you'll run later to make sure that the application can open the databases when it runs in IIS.
也就是说是应用程序有权限吧?不是实际用户? 不知道怎么解决...
如果我查看 SSMS,在我的 PrincipalServerDB 属性中,授权显示 WebExploitUser 已定义。
这是我在 IIS 中的应用程序池:
'Démarré' 表示以法语开头。
如果您按原样执行您发布的代码,您将在 master 数据库中创建用户,而不是在您的用户数据库中。所以你应该在用户数据库中创建它并从 master.
所以需要执行以下代码:
use PrincipalServerDB;
create user [IIS APPPOOL\WebExploit] from login [IIS APPPOOL\WebExploit];
EXEC sp_addrolemember 'db_owner', 'IIS APPPOOL\WebExploit';