locked
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON' RRS feed

  • Question

  •  

    Hi,

    We are building a web part to display user specific data from SQL Server. The Sharepoint application and SQL database are on two different servers. But when we use Integrated security to to connect to the database from the web part it gives the following error

     

    Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'

     

    Since the data being displayed in the web part is user specific, we cannot use sql authentication. The user that we are using to connect exists in the database. We have also tried impersonating the current windows identity to itself using WindowIdentity.GetCurrent().Impersonate(), but that does not work either. We cannot use an admin account for impersonation becuase user specific display is needed.

     

    Any help or pointers regarding this issue will be greatly appreciated.

    Thanks

    --
    Vedanshu Mandvikar

    Friday, February 22, 2008 9:24 AM

Answers

  • Hi Vedanshu,

     

    Are you running NTLM or Kerberos authentication.  You can have a look in Central Administration.

     

    "Login failed for user ..." is a common sympton when Kerberos is not configured correctly or at all as the credentials are getting lost when the packet hops from the one server to the next.

    • Proposed as answer by GokouZWAR Monday, February 28, 2011 5:58 PM
    • Marked as answer by Mike Walsh FIN Monday, February 28, 2011 10:19 PM
    Wednesday, July 16, 2008 8:00 PM

All replies

  • I have the same problem. Tried this doc:

     

    http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/tkerberr.mspx#ENE

     

    but it can not help me.

     

    Friday, March 14, 2008 1:28 PM
  • I have a similar problem after installing WSS SP1 on my MOSS machine.

     

    The update seemed to run fine until step 8 of 9 and just hang all weekend.

     

    The logs keep showing a Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.

     

    Non of the SharePoint sites on that machine allow anonymous access so I'm surprised to see any reference to it.

     

    I've used SQL Authentication between SharePoint and SQL Server and the farm administrator is dbowner on all databases using its Integrated Security login.

     

    Any ideas?

     

    Monday, July 14, 2008 1:28 AM
  • Hi Vedanshu,

     

    Are you running NTLM or Kerberos authentication.  You can have a look in Central Administration.

     

    "Login failed for user ..." is a common sympton when Kerberos is not configured correctly or at all as the credentials are getting lost when the packet hops from the one server to the next.

    • Proposed as answer by GokouZWAR Monday, February 28, 2011 5:58 PM
    • Marked as answer by Mike Walsh FIN Monday, February 28, 2011 10:19 PM
    Wednesday, July 16, 2008 8:00 PM
  • Hi, did you ever find a solution to this issue? I have exactly same issue with MOSS and custom webpart connecting to SQL with Integrated Security. We have kerberos setup correctly but it is still now working. Any help would be appreciated.

     

    Thanks

    Dee

    Sunday, April 26, 2009 1:33 PM
  • This is an over nine month old thread you are posting to.

    It would be better to start a new thread describing exactly your problem and with a new title that reflects exactly your problem.

    (Moderator)

    WSS FAQ sites: WSS 2.0: http://wssv2faq.mindsharp.com WSS 3.0 and MOSS 2007: http://wssv3faq.mindsharp.com
    Total list of WSS 3.0 and MOSS 2007 Books (including foreign language titles) http://wssv3faq.mindsharp.com/Lists/v3%20WSS%20FAQ/V%20Books.aspx
    Sunday, April 26, 2009 3:25 PM
  •  Hi

    I know its a litlle late reply, but I also stumbled into the same problem and resolved this. Thought to share with you all.

    I can understand why you may not want to introduce SQL authentication as client may not be in favour of that.

    To make Windows Authentication to work, you may folow following steps:

    1) In web.config specify authentication to windows

    2) In web.config Impersonate identity to true

    3) Create a new domain virtual user for the application, say abc@mydomain.com, with some password

    4) In the impersonation section, specify this userid and password

    5) In IIS, remove anonymous access and check integrated windows authentication

    6) Provide access to this new user access to IIS metabase using aspnet_regiis -ga "mydomain\username"

    7) Provide access to this user access to physical directory of your virtual directory. You will need to add this user there.

    8) Note that if your application is writing to some log file, you will also need to provide 'write' rights as well

    9) Note that if your application is accessing some database with execution of some stored procs, you will need to add this user to sql server logins with dbowner right to the application database.

    Also, you may not want to fall into the security trap by providing access to NT Authority/Anonymous Logon, so in this case creating your own application user will help.

    Moderator Note: NEVER ask people to mark your posts as answers. Deleted.


    Project Lead
    • Edited by Mike Walsh FIN Monday, February 28, 2011 10:18 PM Moderator Note about never asking for posts to be marked as answers added
    Thursday, August 6, 2009 8:56 AM
  • Hello Vishal Dogra,

                               Thankz....it is workinf for me ya...last one day i was searching...now i got.......really happpppy aaa.........

    Friday, May 14, 2010 6:12 AM
  • I got the same error in ItemUpdated Event Receiver today when trying to access SQL server db, I fixed by wrap the access db part inside SPSecurity.RunWithElevatedPrivileges
    Saturday, January 9, 2016 1:27 AM