Home > Developer > Mobile Develop

How to add the applicationpoolidentity to a SQL Server Login

Source: Internet
Author: User
Tags management studio sql server management sql server management studio
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

The applicationpoolidentity is a virtual account in Windows are dynamically generated when the application pools is CR Eated and takes on the name of the application pool in this manner:iis apppool\<name of application pool>. For instance, the application pool MyApp would has a virtual account created under the name of IIS Apppool\myapp when Instan Tiated. Read about the applicationpoolidentity and here for Windows virtual accounts. Information.

Since Windows is creating a dynamic virtual account for the application pool, there was not set identity or Windows user AC Count to assign to a SQL login for data access. This makes it difficult-assign the application pool to the SQL login. This blog post shows what to add a SQL login for local and a remote SQL Server to allow the applications hosted in an appli cation pool to access the SQL Server.

Side note:the IIS authentication method, anonymous or Windows, a difference on the access to the SQL Server . The security principle used to connect to the SQL Server are the one setup in the application pool configuration Identity.

On a local SQL Server, the login request would appear as the IIS application pool identity. For instance, if the application pool is called Authtest, the login would appear as IIS apppool\authtest.

On a remote SQL Server, the login request would appears as the machine name since the built in account are attempting to ACC ESS SQL. For example, the server IIS01 would appear as domain\iis01$ in a SQL trace.

To validate the connection to SQL, run a SQL trace with the Audit Login Failed and User Error Message events enabled and T His would show the account attempting to access SQL. Or, check the SQL log files.

To Add the account to SQL:

The steps is the same to add the login to SQL for a local or remote SQL Server. However, the identities was different depending on the server if SQL Server was installed locally or on a remote server.

For a local SQL Server:

    • Open SQL Server Management Studio (SSMS) and connect to the SQL Server.
    • Open the Security folder at the server level and not the security folder for the database.
    • Right click on the logins and select New Login.
    • For the login, type IIS apppool\apppoolname and does not CLICK search and select OK (If a SEARCH is executed, it'll resolv E to a account with Servername\apppool Name and SQL would be unable to resolve the account's SID since it is virtual)
    • Select the defaults for the account and select OK to close dialog

The same can be accomplished using T-sql:

CREATE LOGIN [IIS apppool\authtest] from WINDOWS;
CREATE USER authtest for LOGIN [IIS Apppool\authtest];

For a remote SQL Server:

    • Open SQL Server Management Studio (SSMS) and connect to the SQL Server.
    • Open the Security folder at the server level and not the security folder for the database.
    • Right click on the logins and select New Login.
    • For the login, type domain\servername$ and does not CLICK SEARCH
    • Select OK
    • Select the defaults for the account and select OK to close dialog

Using T-sql:

CREATE LOGIN [computername$] from WINDOWS;

Web. config SET integrated security=sspi;

How to add the applicationpoolidentity to a SQL Server Login

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
how to make sql server authentication login login to sql server how to add sql authentication in sql server how to add server name in sql server 2008 add database to sql server how to add column in sql server 2008 how to add row number in sql server 2008

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More