开发者

Cannot connect to SQL Server with application pool running with network service account

开发者 https://www.devze.com 2023-02-15 02:13 出处:网络
We have an ASP.NET 3.5 application running on Windows 2003. For migration purposes this application connects through ODBC to a very old version of SQL Server 4.21. It always worked until one day stop

We have an ASP.NET 3.5 application running on Windows 2003. For migration purposes this application connects through ODBC to a very old version of SQL Server 4.21. It always worked until one day stop to work (server doesn't exists or access denied) on all the servers. After a week of research we realize that the problem is the account that run the application pool used in the web application (network service), if we change this account to "local service" or "local system" the connection works, but with these account many other problems appear. with "local system" account all works, but we think is not secure to use an account with admin privileges.

The goal would be:

  • Make the connection work with the application pool running with Network service account
  • Know why if it worked for a few months with network service, stop to work.

Maybe we need to grant some privileges to an odbc libr开发者_开发百科ary or something like that, maybe some security update from windows update was causing the problem.

Some clues:

  • The web application is running through IIS under Windows 2003. This Windows 2003 is

    over an Active Directory domain

  • The SQL Server is over a NT domain. (NT 3.51)
  • The ODBC system DSN is using "SQL Server" driver, with TCP/IP or Named Pipes on client configuration.
  • The connection to the database use a SAL account, not a trusted connection.
  • The connection always worked, and stop to work at 24/02/2011 on all servers and developers workstations

Any thoughts?


You can connect to SQL running as the network service account. On the SQL end, make sure that you have granted access to the DB for "\$". If you are in domain EMEA and the machine's name is "machine1", then the user to grant access to is "EMEA\machine1$".

0

精彩评论

暂无评论...
验证码 换一张
取 消