locked
wcf service deployed in IIS 7 can't connect to sql server 6.5 RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    I have my wcf service hosted in IIS.when i try to connect to Sql 6.5 which is on some other domain, i am getting Access denied error.

    I am using ODBC connection string to connect to it.

    But when i try to connect to sql 6.5 as a console app it connects fine.i get access denied when the service is hosted in IIS 7.

    Any clue what is the problem?

    Thanks in advance

     

     

     

    Tuesday, August 9, 2011 1:28 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    When you use IIS to host you service, the service executes by using a special identity, not your own identity. Usually in IIS 7 this is the NetworkService user, and in IIS 7.5 the default is the special application pool identity user. Both these users actually use the machine account in the domain when accessing external resources such as sql servers, so you need to add permission for your IIS machine in the SQL server. I suggest you tell your DBAs about the security issue and ask them to add the machine account to the permitted logins.

    Please mark posts as answers/helpful if it answers your question.
    Senior Consultant on WCF, ASP.NET, Siverlight, and Entity Framework. Author of Microsoft's Official WCF 4 Course. Co-author of the Microsoft HPC/Azure burst whitepaper.
    Visit my blog: http://blogs.microsoft.co.il/blogs/idof
    • Proposed as answer by Ido Flatow. _ Thursday, August 11, 2011 10:56 AM
    • Marked as answer by Yi-Lun Luo Monday, August 15, 2011 7:47 AM
    Tuesday, August 9, 2011 5:26 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    When you use IIS to host you service, the service executes by using a special identity, not your own identity. Usually in IIS 7 this is the NetworkService user, and in IIS 7.5 the default is the special application pool identity user. Both these users actually use the machine account in the domain when accessing external resources such as sql servers, so you need to add permission for your IIS machine in the SQL server. I suggest you tell your DBAs about the security issue and ask them to add the machine account to the permitted logins.

    Please mark posts as answers/helpful if it answers your question.
    Senior Consultant on WCF, ASP.NET, Siverlight, and Entity Framework. Author of Microsoft's Official WCF 4 Course. Co-author of the Microsoft HPC/Azure burst whitepaper.
    Visit my blog: http://blogs.microsoft.co.il/blogs/idof
    • Proposed as answer by Ido Flatow. _ Thursday, August 11, 2011 10:56 AM
    • Marked as answer by Yi-Lun Luo Monday, August 15, 2011 7:47 AM
    Tuesday, August 9, 2011 5:26 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Just curious, you already have IIS 7 (that means you must have Windows Vista or later), why do you stick with SQL Server 6.5? I think even the free SQL Server 2008 R2 Express is more powerful than a paid version of 6.5...
    Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.
    Windows Azure Technical Forum Support Team Blog
    Wednesday, August 10, 2011 6:59 AM