IIS / SQL 添加 windows 身份验证后服务器连接错误
IIS / SQL Server connection error after adding windows auth
我有一个 Web 应用程序 运行 使用 匿名身份验证 和连接到 SQL 服务器的连接字符串和专用 SQL 帐户。连接字符串:
<add name="ConnectionString" connectionString="Data Source=xxxxx;Initial Catalog=xxxxx;User ID=xxxxxx;Password=xxxxxx" providerName="System.Data.SqlClient" />
一切正常,但在向应用程序添加访问控制后:
<system.webServer>
<security>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" roles="DOMAIN\ADGroup" />
</authorization>
</security>
</system.webServer>
并在 IIS 中更改为 Windows 身份验证 使用与 SQL-服务器的连接的页面停止工作。我没有更改连接字符串。错误信息:
A network-related or instance-specific error occurred while
establishing a connection to SQL Server. The server was not found or
was not accessible. Verify that the instance name is correct and that
SQL Server is configured to allow remote connections. (provider: SQL
Network Interfaces, error: 26 - Error Locating Server/Instance
Specified)
Source Error:
An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of
the exception can be identified using the exception stack trace below.
Stack Trace:
[SqlException (0x80131904): A network-related or instance-specific
error occurred while establishing a connection to SQL Server. The
server was not found or was not accessible. Verify that the instance
name is correct and that SQL Server is configured to allow remote
connections. (provider: SQL Network Interfaces, error: 26 - Error
Locating Server/Instance Specified)]
System.Data.SqlClient.SqlInternalConnection.OnError(SqlException
exception, Boolean breakConnection) +6318697
System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject
stateObj) +245 System.Data.SqlClient.TdsParser.Connect(ServerInfo
serverInfo, SqlInternalConnectionTds connHandler, Boolean
ignoreSniOpenTimeout, Int64 timerExpire, Boolean encrypt, Boolean
trustServerCert, Boolean integratedSecurity, SqlConnection
owningObject, Boolean withFailover) +536
System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo
serverInfo, String newPassword, Boolean ignoreSniOpenTimeout, Int64
timerExpire, SqlConnection owningObject, Boolean withFailover) +283
System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(String
host, String newPassword, Boolean redirectedUserInstance,
SqlConnection owningObject, SqlConnectionString connectionOptions,
Int64 timerStart) +6338834
System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection
owningObject, SqlConnectionString connectionOptions, String
newPassword, Boolean redirectedUserInstance) +6338792
System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity
identity, SqlConnectionString connectionOptions, Object providerInfo,
String newPassword, SqlConnection owningObject, Boolean
redirectedUserInstance) +354
System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions
options, Object poolGroupProviderInfo, DbConnectionPool pool,
DbConnection owningConnection) +300
System.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection
owningConnection, DbConnectionPoolGroup poolGroup) +45
System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection
owningConnection) +6343166
System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection
outerConnection, DbConnectionFactory connectionFactory) +6343479
System.Data.SqlClient.SqlConnection.Open() +258
System.Web.Management.SqlServices.GetSqlConnection(String server,
String user, String password, Boolean trusted, String
connectionString) +115
[HttpException (0x80004005): Unable to connect to SQL Server
database.]
System.Web.Management.SqlServices.GetSqlConnection(String server,
String user, String password, Boolean trusted, String
connectionString) +4052597
System.Web.Management.SqlServices.SetupApplicationServices(String
server, String user, String password, Boolean trusted, String
connectionString, String database, String dbFileName, SqlFeatures
features, Boolean install) +159
System.Web.DataAccess.SqlConnectionHelper.CreateMdfFile(String
fullFileName, String dataDir, String connectionString) +825
连接字符串的用法示例:
using (SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString))
{
conn.Open();
知道是什么原因造成的吗?
With CreateMdfFile in the stack trace it seems like it's trying to connect to a (LocalDb) instance.
我有一个理论。如果您使用 SQL Express 或 LocalDb 连接到本地数据库文件,这实际上是有意义的,因为文件访问取决于代码所在的身份 运行ning。但是与远程 SQL 服务器建立 TCP/IP 连接,即使使用浏览器服务也不会。
并且在 IIS 中匿名请求 运行 默认为 IUSR,并且 Windows Auth 运行s 作为 App Pool Identity,例如 DefaultAppPool
.
因此授予对包含数据库的文件夹的完全控制权,并确保数据库文件启用了 ACL 继承,或者单独授予 App Pool Identity 对这些文件的完全控制权。
我有一个 Web 应用程序 运行 使用 匿名身份验证 和连接到 SQL 服务器的连接字符串和专用 SQL 帐户。连接字符串:
<add name="ConnectionString" connectionString="Data Source=xxxxx;Initial Catalog=xxxxx;User ID=xxxxxx;Password=xxxxxx" providerName="System.Data.SqlClient" />
一切正常,但在向应用程序添加访问控制后:
<system.webServer>
<security>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" roles="DOMAIN\ADGroup" />
</authorization>
</security>
</system.webServer>
并在 IIS 中更改为 Windows 身份验证 使用与 SQL-服务器的连接的页面停止工作。我没有更改连接字符串。错误信息:
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified) Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[SqlException (0x80131904): A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)]
System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) +6318697
System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) +245 System.Data.SqlClient.TdsParser.Connect(ServerInfo serverInfo, SqlInternalConnectionTds connHandler, Boolean ignoreSniOpenTimeout, Int64 timerExpire, Boolean encrypt, Boolean trustServerCert, Boolean integratedSecurity, SqlConnection owningObject, Boolean withFailover) +536
System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, Boolean ignoreSniOpenTimeout, Int64 timerExpire, SqlConnection owningObject, Boolean withFailover) +283
System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(String host, String newPassword, Boolean redirectedUserInstance, SqlConnection owningObject, SqlConnectionString connectionOptions, Int64 timerStart) +6338834
System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance) +6338792
System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance) +354
System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection) +300
System.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup) +45
System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection) +6343166
System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory) +6343479
System.Data.SqlClient.SqlConnection.Open() +258
System.Web.Management.SqlServices.GetSqlConnection(String server, String user, String password, Boolean trusted, String connectionString) +115[HttpException (0x80004005): Unable to connect to SQL Server database.]
System.Web.Management.SqlServices.GetSqlConnection(String server, String user, String password, Boolean trusted, String connectionString) +4052597
System.Web.Management.SqlServices.SetupApplicationServices(String server, String user, String password, Boolean trusted, String connectionString, String database, String dbFileName, SqlFeatures features, Boolean install) +159
System.Web.DataAccess.SqlConnectionHelper.CreateMdfFile(String fullFileName, String dataDir, String connectionString) +825
连接字符串的用法示例:
using (SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString))
{
conn.Open();
知道是什么原因造成的吗?
With CreateMdfFile in the stack trace it seems like it's trying to connect to a (LocalDb) instance.
我有一个理论。如果您使用 SQL Express 或 LocalDb 连接到本地数据库文件,这实际上是有意义的,因为文件访问取决于代码所在的身份 运行ning。但是与远程 SQL 服务器建立 TCP/IP 连接,即使使用浏览器服务也不会。
并且在 IIS 中匿名请求 运行 默认为 IUSR,并且 Windows Auth 运行s 作为 App Pool Identity,例如 DefaultAppPool
.
因此授予对包含数据库的文件夹的完全控制权,并确保数据库文件启用了 ACL 继承,或者单独授予 App Pool Identity 对这些文件的完全控制权。