Hi All,
We have a customer who is using our application and is expiriencing a
behavior we haven't seen in the field yet. Our application is a WMI Event
Provider (so it is part of the WMI service which is running as the
LocalSystem account) running on a Windows 2003 Server (Standard Edition)
that needs to open an ODBC connection (using NT Authentication, NOT SQL
authentication) to a SQL Server running on a different Server (non-domain
controller, W2K Standard Edition SP4, SQL2000 Standard edition). In this
setup, we have customers add the machine account as an SQL user and then
within the specific database, have them give the machine account select,
update and delete authority on the specific table we need access to and
everything works great. Trouble at this particular customer is that on the
SQL server, we see an anonymous user login instead of the machine account
login (that we normally see). Does anyone have any theories as to why this
is happening? Thank you very much for your valuable time.Anthony LaMark
www.eXcSoftware.comIf there is an anonymous login in SQL Server, it is because someone added
it. It would not get there automatically. It is possible that the customer
was getting connection errors similar to the following:
Login failed for user NT Authority\Anonymous'. Not associated with a
trusted connection.
so they added the NT Authority\Anonymous login.
If this is the case they may be running into a kerberos authentication
problem.
If this is the case then the SQL Server may not have a valid Service
Principal name asscociated with it. You can use the setspn utility to
create one. The following article describes how to use the setspn utility:
HOW TO: Troubleshoot Kerberos-Related Issues in IIS
http://support.microsoft.com/defaul...kb;en-us;326985
I realize that you may not be having IIS problems but the steps would be
the same to resolve any kerberos problem.
Rand
This posting is provided "as is" with no warranties and confers no rights.
Monday, March 19, 2012
LocalSystem (i.e. machine account) authenticating to a SQL server as anonymous
Labels:
abehavior,
application,
authenticating,
customer,
database,
expiriencing,
field,
localsystem,
machine,
microsoft,
mysql,
oracle,
server,
sql,
wmi
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment