Wednesday, March 28, 2012

question about removing logins at server level

Hi,
I created a login 'Network service' at server level in Management Studio
Express.
I use Windows authentication.
Then I defined a user for my database which is associated to login 'Network
service', because the ASP.NET application uses that account (IIS 6.0). This
user received db_read and db_write roles.
This works.
Now I experimented a little bit and I removed from the logins at server
level the login 'Network service'.
Result: the application still works.
Then I removed the Builtin\users login from the login list at server level.
Result: I get the error: "login failed for Network service".
I then recreated the login 'Network Service' at server level but not the
Builtin\users login.
Result: it works again.
My conclusion is: one of the two logins must be in the list: Network Service
or Builtin\users
Is this right?
Why do I get that error when both logins are removed and not only when
Network Service is removed?
Thanks
Jean
|||Because you're using Windows Authentication. From what you described it
doesn't sound like the connection to the db server ever came in using the
Network Service login, but rather came in using Builtin\users.
|||Thanks, but after deleting the login Network Service, the user still is
mapped to Network Service account, no? If I delete that user, then the
application fails.
"Hurme" <michael.geles@.thomson.com> wrote in message
news:1F40DC8A-A258-4900-BD8B-1B312F151ED4@.microsoft.com...
> Because you're using Windows Authentication. From what you described it
> doesn't sound like the connection to the db server ever came in using the
> Network Service login, but rather came in using Builtin\users.
|||I'm not sure whether or not the Network Service id would still be
mapped, but I just did a test on one of my SQL servers. I previously
did not have the BUILTIN\Users login and tried to log in with a domain account
login that did not exist on the SQL server nor the Windows 2003 server. When
I tried to log in, access was denied. Once I created the BUILTIN\Users login on
the SQL server I was able to get in.
"Jean" wrote:
> Thanks, but after deleting the login Network Service, the user still is
> mapped to Network Service account, no? If I delete that user, then the
> application fails.
|||Ok, thanks
"Hurme" <michael.geles@.thomson.com> wrote in message
news:6D07EA51-00F3-4787-91A8-95C6BF5C2B4C@.microsoft.com...
> I'm not sure whether or not the Network Service id would still be
> mapped, but I just did a test on one of my SQL servers. I previously
> did not have the BUILTIN\Users login and tried to log in with a domain
> account login that did not exist on the SQL server nor the Windows 2003
> server. When I tried to log in, access was denied. Once I created the
> BUILTIN\Users login on the SQL server I was able to get in.

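The question of which server login a Windows-authenticated connection actually comes in through can be checked from the catalog views. The queries below are an added example, not part of the original thread; they assume SQL Server 2005 or later and that the second and third queries run in the application's database.

```sql
-- Added example, not from the thread. Assumes SQL Server 2005+ catalog views.

-- 1. Windows logins and Windows group logins defined at server level.
--    A Windows account can connect through its own login (WINDOWS_LOGIN)
--    or through any listed group it belongs to (WINDOWS_GROUP),
--    for example BUILTIN\Users.
SELECT name, type_desc, is_disabled
FROM sys.server_principals
WHERE type IN ('U', 'G')
ORDER BY type_desc, name;

-- 2. Run in the application database: Windows users and groups in the
--    database whose SID has no matching server login. These users stay
--    in the database after their login is dropped and are reachable only
--    when some group login from query 1 lets the account connect.
SELECT dp.name              AS database_user,
       dp.type_desc,
       SUSER_SNAME(dp.sid)  AS windows_account
FROM sys.database_principals AS dp
LEFT JOIN sys.server_principals AS sp
       ON sp.sid = dp.sid
WHERE dp.type IN ('U', 'G')
  AND dp.principal_id > 4      -- skip dbo, guest, INFORMATION_SCHEMA, sys
  AND sp.sid IS NULL;

-- 3. Run over the application's own connection (same Windows account as
--    the web application): who the server sees, and which Windows
--    tokens the connection carries. Token names that also appear in
--    query 1 are the logins that admit this connection.
SELECT SUSER_SNAME() AS connected_as,
       USER_NAME()   AS database_user;

SELECT name, type, usage, principal_id
FROM sys.login_token
ORDER BY name;
```

Comparing the output of query 1 before and after dropping a login shows whether a group login is still granting the account access to the server.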