tags:

views:

204

answers:

4
+1  Q: 

C# asp.net cannot open user default database

I pulled an ASPNETDB.MDF off of a server for a ASP site using Forms authentication to my local machine. I added a new user to the database file using the ASP.NET Website Configuration tool. I copied the MDF back to the server and now, i get the following exception whenever I try to log in as any user:

Cannot open user default database. Login failed. Login failed for user 'NT AUTHORITY\NETWORK SERVICE'

I have been googling and read all of the other solutions to this problem here on SO as well and haven't found anything that works.

The server has SQL Server 2008 on it and that's what I am using on my local machine with VS 2008 Professional.

My connection string:

<add name="ASPNETDBConnectionString1" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\ASPNETDB.MDF;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient"/>

I'm new to SQL Server so I am pretty sure I messed something up somewhere.

Any help greatly appreciated.

Thanks!

A: 

Your description of the issue is incomplete or not consistent with the error. You will need to provide a bit more information for a better answer, but here is my preliminary answer.

The error indicates that your application is using integrated authentication to SQL. So, it would help to see the connection string. It likely says 'SSPI' somewhere. What this means is that the user that the app container is running as (NETWORK SERVICE) is trying to connect to the database, and it can't because it does not have the permission to do so.

So you either changed the connection string as part of what you did, or NETWORK SERVICE was previously a database user (not a good idea, I think).

There are possible other security-related settings at play in your web.config. Your app appears to use forms authentication. If IIS is set to allow anonymous access, and your web.config is set to do impersonation, then that could also cause the NETWORK SERVICE trying to connect to SQL.

How is the application supposed to connect? Do you have a service account (a single user account) that all users who authenticate through forms authentication should go through for database operations? If so, then you need to change your database connection string to contain a user and password.

In order to fix this, you need to check your connection string, any forms-auth related settings in the web.config, and the security settings in IIS. None of this I think has to do with the fact that you added a user.

Edit: So you are using Integrated Security, like I suspected. This won't work with Forms Auth, because while a user is authenticating against your app with their user id, your app authenticates against the database with integrated auth, i.e. NETWORK SERVICE. You need a database service account, imo, and I don't know how this can have worked before if you did not change the connection string.

cdonner  2009-11-30 03:40:06
I did not modify web.config at all. Just copied the MDF file over. I assume that I messed up some properties or something in the copy.This was working before I copied the modified MDF over, and would like to continue, for the time being, to use the current web.config file.
Casey  2009-11-30 04:09:51
Mark is correct that database users are not portable between instances, and the a database that is moved between servers needs to have the logins remapped to that database. You can always try to do that, but it won't allow NETWORK SERVICE to connect to your data base. You use plain database-driven Forms Auth, without any Active Directory integration, correct? I have to admit that I have never used SQLEXPRESS, but I don't think the security is different from SQL Server.
cdonner  2009-11-30 04:20:48
Btw, it is very easy to create web forms that let you add and edit Forms Authentication user accounts. Moving the database back and forth is probably not the best way to manage your users.
cdonner  2009-11-30 04:21:41
This was all setup before I came on. Again, I didn't modify the web.config file at all on the server. I just copied the mdf file over. I need to figure out how to make this work. Network Service according to the properties on the file and folder, does have access to it.
Casey  2009-12-01 01:01:14
Check in Management Studio if Network Service is a user in your database. If it is, delete it from the database (do not delete the login). Then remap the Network Service login as a user to your database (right-click, properties, user mapping).If you do not have a Network Service login in your database, I have no idea what is going on.I recommend setting up a service account. http://social.msdn.microsoft.com/Forums/en-US/sqlsetupandupgrade/thread/ec9f1ded-1b9e-476d-acd9-77caf79a47b4/
cdonner  2009-12-01 16:44:23
A: 

I think that your problem is that you aren't keeping track of the difference between a database login and a database user. A login gives access to SQL Server (in general). A database user is a login that has been given access to a specific database. When you copy files back and forth as you've done, you can invalidate the underlying identifier for a login account (especially Windows accounts).

I would suggest that you use a SQL account to log in to your SQL server (rather than a Windows account) and place the credentials in the web.config file. I've simply found that this is far easier to configure, use and change than a Windows account login. Once your login is set up, just make sure that it also has user access to the database on the server you wish to use. You may still run into transfer problems (although they are less likely), but fixing them is quite a bit easier.

Important note: others disagree - arguing that Windows accounts are more secure - so you might want to educate yourself on this issue!

Mark Brittingham  2009-11-30 03:47:50
He is talking about adding Forms authentication users. Those are just database rows in a table that .Net created for this purpose.
cdonner  2009-11-30 04:10:21
+1  A: 

All questions about who or what or why regarding the config aside...

Your problem can be deduced from the connection string. That will work locally against sql express but not against sql proper on the server.

The first clue is that only SqlExpress enables User Instances. On Sql proper you will have to attach the mdf.

If that connection string works on your machine while in VS 2008, you have SQL EXPRESS installed. If that connection string works on the server then the server has SQL EXPRESS installed.

If the server does NOT have Sql Express installed and configured to allow user instances, as I would hope it did not, that connection string will result in the login failure exception you are experiencing.

I also wonder about your copy to/from. Typically access will be denied an active mdf, even for copying.

Please confirm Sql versions both client and server side and try to find a previous copy of both web.config files to compare connection strings.

Sky Sanders  2010-02-10 03:38:54
These were all good solutions, but I found that checking the versions I had installed against what was on the server came up with some inconsistencies. It appears that there was remnants of a previous install on my machine that was causing some issues.
Casey  2010-02-10 13:08:53
glad it worked out. is a fairly typical scenario but not always obvious.
Sky Sanders  2010-02-10 18:18:22
A: 

Can you try changing this Application Pools->Advanced Settings -> Process Model -> Identity ?

I got the same error and fix by changing the process model.

Kubi  2010-02-10 03:49:58

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps