Sunday, February 19, 2012

Cross VPN Domain Authentication

Hi,
We use a Cisco point-to-point VPN to allow employees to connect to the
corporate network from their remote computers that are not members of the
corporate Active Directory domain.
When VPN connected from my non-domain member computer, I open the Windows'
"Run" dialog box and type the path of a shared folder on the corporate
network. After a brief delay I get the "Connect to <path>" dialog box that
requests a User name and Password that I would like to use to connect to the
share. I provide suitable credentials, and after another brief delay I am
connected to the share, and I can open documents and copy files to and from
the share (as folder permissions allow).
So far, however, when I write .NET desktop applications that use the
SqlConnection class to connect to SQL Server via domain authentication, I
cannot get an application to connect through the VPN*. Is there any way to
get a database application to pop up a "Connect to <SqlInstance>" dialog box
so that users can provide their domain credentials to get a connection to
SQL Server from a computer that is not a domain member? I'm interested in
both the SQL 2000 and SQL 2005 cases.
* I get "Login failed for user ''. The user is not associated with a trusted
SQL Server connection..."
Thank you,
Daniel Jameson
SQL Server DBA
Children's Oncology Group
www.childrensoncologygroup.org|||Hi Daniel,
I understand that when your .NET application tried to connect to your SQL
Server in your corporate domain from a non-domain member computer via VPN,
it failed with the error "Login failed for user ''".
If I have misunderstood, please let me know.
Please check the authentication mode of your SQL Server in Enterprise
Manager or SSMS (SQL Server 2005 Management Studio). If it is Windows
Authentication mode, please change it to Mixed mode and create a SQL login
for the connection of the non-domain computer.
For the client connection string, I recommend that you refer to this
article:
How To: Connect to SQL Server Using SQL Authentication in ASP.NET 2.0
http://msdn2.microsoft.com/en-us/library/ms998300.aspx
Hope this helps. If you have any other questions or concerns, please feel
free to let me know.
Have a good day!
Best regards,
Charles Wang
Microsoft Online Community Support
========================================
=============
Get notification to my posts through email? Please refer to:
http://msdn.microsoft.com/subscript...ault.aspx#notifications
If you are using Outlook Express, please make sure you clear the check box
"Tools/Options/Read: Get 300 headers at a time" to see your reply promptly.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscript...t/default.aspx.
========================================
==============
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from this issue.
========================================
==============
This posting is provided "AS IS" with no warranties, and confers no rights.
========================================
==============|||"Daniel Jameson" <danjam47@.newsgroup.nospam> wrote in message
news:%23d5h3kFqHHA.196@.TK2MSFTNGP05.phx.gbl...
> Hi,
> We use a cisco point-to-point VPN to allow employees to connect to the
> corporate network from their remote computers that are not members of the
> corporate Active Directory domain.
> When VPN connected from my non-domain member computer, I open the Windows'
> "Run" dialog box and type the path of a shared folder on the corporate
> network. After a brief delay I get the "Connect to <path>" dialog box
> that requests a User name and Password that I would like to use to connect
> to the share. I provide suitable credentials, and after another brief
> delay I am connected to the share, and I can open documents and copy files
> to and from the share (as folder permissions allow).
> So far, however, when I write .NET desktop applications that use the
> SqlConnection class to connect to SQL Server via domain authentication, I
> cannot get an application to connect through the VPN*. Is there any way
> to get a database application to pop up a "Connect to <SqlInstance>"
> dialog box so that users can provide their domain credentials to get a
> connection to SQL Server from a computer that is not a domain member? I'm
> interested in both the SQL 2000 and SQL 2005 cases.
Try using Run As to execute the app, with the right-click->Run As... menu,
or by creating a shortcut to the EXE and setting the "Run with different
credentials" checkbox (properties->shortcut [tab]->Advanced [button].) The
former is a one-off way to do it; the latter causes a login prompt when the
shortcut is used to run the app.
When prompted, specify domain credentials (in domain\user, or user@domain
format) for the impersonation context. If that works, a Win32 app could
call LoginAsUser to internally provide a seamless login facility... not sure
what the .net equivalent is -- but if the Run As login prompt is adequate,
it's a moot point.
-Mark

> * I get "Login failed for user ''. The user is not associated with a
> trusted SQL Server connection..."
> --
> Thank you,
> Daniel Jameson
> SQL Server DBA
> Children's Oncology Group
> www.childrensoncologygroup.org
>
>
>|||Hi Daniel,
I am interested in this issue. Would you mind letting me know the result of
the suggestions? If you need further assistance, feel free to let me know.
I am very glad to work with you for further research.
Charles Wang
Microsoft Online Community Support
|||Charles,
Thank you. We are currently using an encrypted connection string approach
similar to that described in your MSDN reference. I was hoping to get
around having to maintain those SQL Server logins and the user ambiguity
that comes with using a common login for all users.
Thank you,
Daniel Jameson
SQL Server DBA
Children's Oncology Group
www.childrensoncologygroup.org
"Charles Wang[MSFT]" <changliw@.online.microsoft.com> wrote in message
news:FCq36SQrHHA.2300@.TK2MSFTNGHUB02.phx.gbl...
> Hi Daniel,
> I am interested in this issue. Would you mind letting me know the result
> of the suggestions? If you need further assistance, feel free to let me know.
> I am very glad to work with you for further research.
> Charles Wang
> Microsoft Online Community Support
>|||Hi Daniel,
Did you mean that you wanted to have each of your desktop .NET applications
impersonating a different user which could be used for SQL login?
If so, I recommend that you refer to this KB article for adding the
impersonation code:
How to implement impersonation in an ASP.NET application
(Impersonate a Specific User in Code)
http://support.microsoft.com/kb/306158
Hope this helps. Please feel free to let me know if you have any other
questions or concerns.
Have a nice day!
Best regards,
Charles Wang
Microsoft Online Community Support
|||Hi Daniel,
How is everything going? If you have any questions or concerns, please
feel free to post back.
Best regards,
Charles Wang
Microsoft Online Community Support
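
An added example, not part of the original thread: one way a .NET Framework desktop application could do internally what the Run As and impersonation suggestions above do, by calling the Win32 LogonUser API with the network-only logon type so that per-user domain credentials reach SQL Server from a non-domain computer. The class name, method name and parameters are assumptions for illustration, and the credentials are assumed to come from the application's own prompt.

```csharp
using System;
using System.ComponentModel;
using System.Data.SqlClient;
using System.Runtime.InteropServices;
using System.Security.Principal;

static class NetOnlySqlLogin   // hypothetical helper, not from the thread
{
    // Logon type used by "runas /netonly": the thread keeps its local
    // identity and presents the supplied credentials only to remote servers.
    const int LOGON32_LOGON_NEW_CREDENTIALS = 9;
    const int LOGON32_PROVIDER_WINNT50 = 3;

    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool LogonUser(string user, string domain, string password,
                                 int logonType, int logonProvider, out IntPtr token);

    [DllImport("kernel32.dll", SetLastError = true)]
    static extern bool CloseHandle(IntPtr handle);

    public static SqlConnection Open(string server, string database,
                                     string domain, string user, string password)
    {
        // The builder escapes values, so user input cannot add extra keywords.
        var csb = new SqlConnectionStringBuilder();
        csb.DataSource = server;
        csb.InitialCatalog = database;
        csb.IntegratedSecurity = true;   // Windows authentication, no SQL login
        csb.Pooling = false;             // precaution: never reuse a connection
                                         // opened under another user's credentials
        IntPtr token;
        if (!LogonUser(user, domain, password, LOGON32_LOGON_NEW_CREDENTIALS,
                       LOGON32_PROVIDER_WINNT50, out token))
            throw new Win32Exception(Marshal.GetLastWin32Error());
        try
        {
            // This logon type does not check the password locally; a wrong
            // password surfaces as a SqlException from Open() below.
            using (WindowsIdentity.Impersonate(token))
            {
                var conn = new SqlConnection(csb.ConnectionString);
                conn.Open();   // authentication happens here, under the token
                return conn;
            }
        }
        finally { CloseHandle(token); }
    }
}
```

Because each connection authenticates as the individual domain account, SQL Server audit records identify the actual user rather than a shared login.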