http://forums.iis.net/1043.aspxDiscussions around the security of IIS 7 including compentization, hidden directories, or authentication\authorizationenCommunityServer 2007 SP1 (Build: 20510.895)http://forums.iis.net/thread/1884841.aspxFri, 14 Nov 2008 12:49:16 GMT50bcf3b4-f6fe-4638-adff-0c150e922e99:1884841MoonCSD0http://forums.iis.net/thread/1884841.aspxhttp://forums.iis.net/commentrss.aspx?SectionID=1043&PostID=1884841<p>Thanks to Rick Anderson, I was able to get this working:</p> <p><a href="http://weblogs.asp.net/nannettethacker/archive/2008/11/14/membership-provider-connections-to-remote-database.aspx">http://weblogs.asp.net/nannettethacker/archive/2008/11/14/membership-provider-connections-to-remote-database.aspx</a></p> <p>&nbsp;</p>http://forums.iis.net/thread/1884788.aspxThu, 13 Nov 2008 21:56:14 GMT50bcf3b4-f6fe-4638-adff-0c150e922e99:1884788MoonCSD0http://forums.iis.net/thread/1884788.aspxhttp://forums.iis.net/commentrss.aspx?SectionID=1043&PostID=1884788<p>I have windows 2008 web server edition and IIS7, and sql server 2008 web server edition.</p> <p>On my windows 2000 server and database servers, I use asp.net membership with no problems. But I am having login problems using the membership provider with 2008 and IIS7. I have no problems viewing grids and doing database things that do not require log in. It only effects the membership provider logins and other functionality.</p> <p>In the app pool I did this:</p> <p>Set the identity on the app pool in IIS7 to &quot;NetworkService&quot; I tried both Integrated and Classic.</p> <p>I have forms authentication enabled and anonymous authentication with my SQLIISUser and the password inserted in the IIS7 for this website.</p> <p>I have tried a connection string with both windows authentication and sql server authentication:</p> <p>I was told to: update your connection string to &quot;Integrated Security=SSPI;&quot; not &quot;Integrated Security=true;&quot; - which I did.</p> <p>This gives login failed for anonymous user error: </p> <p>&lt;add name=&quot;XXConnectionString&quot; connectionString=&quot;Data Source=xx.xx.xx.xx;Initial Catalog=XX;Integrated Security=SSPI&quot; providerName=&quot;System.Data.SqlClient&quot; /&gt;</p> <p>This gives log in failed for SQLIISUser.</p> <p>&lt;add name=&quot;XXConnectionString&quot; connectionString=&quot;Data Source=xx.xx.xx.xx;Initial Catalog=XX;</p> <p>Persist Security Info=True;User ID=SQLIISUser;Password=XXXXXX&quot;</p> <p>providerName=&quot;System.Data.SqlClient&quot; /&gt;</p> <p>My membership settings also include:</p> <p>&lt;appSettings&gt;</p> <p>&lt;add key=&quot;MembershipConnectionStringName&quot; value=&quot;XXConnectionString&quot; /&gt;</p> <p>&lt;/appSettings&gt;</p> <p>&lt;system.web&gt;</p> <p>&lt;membership defaultProvider=&quot;AspNetSqlMembershipProvider&quot; hashAlgorithmType=&quot;SHA1&quot; userIsOnlineTimeWindow=&quot;15&quot;&gt;</p> <p>&lt;providers&gt;</p> <p>&lt;clear /&gt;</p> <p>&lt;add name=&quot;AspNetSqlMembershipProvider&quot; type=&quot;System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a&quot; connectionStringName=&quot;XXConnectionString&quot; applicationName=&quot;/&quot; passwordFormat=&quot;Hashed&quot; enablePasswordRetrieval=&quot;false&quot; enablePasswordReset=&quot;true&quot; requiresQuestionAndAnswer=&quot;true&quot; requiresUniqueEmail=&quot;false&quot; maxInvalidPasswordAttempts=&quot;5&quot; minRequiredPasswordLength=&quot;7&quot; minRequiredNonalphanumericCharacters=&quot;1&quot; passwordStrengthRegularExpression=&quot;&quot; passwordAttemptWindow=&quot;10&quot; /&gt;</p> <p>&lt;/providers&gt;</p> <p>&lt;/membership&gt;</p> <p>&lt;roleManager defaultProvider=&quot;AspNetSqlRoleProvider&quot; cacheRolesInCookie=&quot;true&quot; cookieName=&quot;.ASPXROLES&quot; cookiePath=&quot;/&quot; cookieProtection=&quot;All&quot; cookieRequireSSL=&quot;false&quot; cookieSlidingExpiration=&quot;true&quot; cookieTimeout=&quot;30&quot; createPersistentCookie=&quot;false&quot; maxCachedResults=&quot;25&quot; enabled=&quot;true&quot;&gt;</p> <p>&lt;providers&gt;</p> <p>&lt;clear /&gt;</p> <p>&lt;add name=&quot;AspNetSqlRoleProvider&quot; connectionStringName=&quot;XXConnectionString&quot; applicationName=&quot;/&quot; type=&quot;System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a&quot; /&gt;</p> <p>&lt;/providers&gt;</p> <p>&lt;/roleManager&gt;</p> <p>On the SQL Server 2008 database, I have the SQLIISUser setup as a user, and given dbdatareader and dbdatawriter and public permissions on the database. I also have a &quot;NT AUTHORITY\NETWORK SERVICE&quot; user with db_owner access.</p> <p>Again, all database connections work fine remotely, with windows authentication and with sql server authentication if only viewing data in a grid or doing inserts or updates, etc. But once I try to use the membership stuff, that&#39;s where it fails.</p> <p>Please help.</p> <p>Partial stack trace for login failed for sql user:</p> <p>System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) +4844759</p> <p>System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) +194</p> <p>System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) +2392</p> <p>System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK) +35</p> <p>Thanks!</p> <p>&nbsp;</p>