如何使用Windows身份验证指定的Windows用户从ASP连接到MS SQL Server数据库 [英] How to connect to MS SQL Server database from ASP using windows authentication specifying a windows user

问题描述

我一直在试图为短短一个多月来这里连接一个ASP脚本，SQL Server数据库
但每次我用这个连接字符串：

    数据源= dbServer01;初始目录= POS123;集成安全性= SSPI;用户ID =域的\\ usr;密码= PWD;

I've been trying for just over a month to connect an ASP script here to a SQL Server database but each time I use this connection string:
Data Source=dbServer01;Initial Catalog=POS123;Integrated Security=SSPI;User ID=domain\usr;Password=pwd;

它忽略我指定的用户，并采取计算机名称以连接，这显然无法验证。

It ignores the user I specify and takes the machine name to authenticate the connection, which obviously fails.

所以我的集成安全值更改为false，像这样：

    数据源= dbServer01;初始目录= POS123;集成安全性= FALSE;用户ID =域的\\ usr;密码= PWD;

so I change the Integrated Security value to False, like this:
Data Source=dbServer01;Initial Catalog=POS123;Integrated Security=False;User ID=domain\usr;Password=pwd;

然后我得到一个错误：用户登录失败域的\\ usr，这是不可能的，因为它的工作原理，当我们在测试ODBC管理应用程序与它连接

I then get an error: Login Failed for user "domain\usr" which is impossible because it works when we test the connection with it in the odbc admin app.

我问一个资深的帮助下，他说，它采取了用户名作为数据库用户名，但我们需要让它使用Windows身份验证，并指定要使用的用户。
我记得读这个一个月前发现没有办法使用这个版本的ASP.NET Windows身份验证连接时指定一个用户名和密码。
我马上就要杀死自己，如果我不能得到这个脚本连接，别人救我请！

I asked the help of a senior and he said it's taking the user name as a database user name, but we need to make it use windows authentication, and specify which user to use. I remember reading about this a month ago and finding that there was no way to specify a user and password when connecting using windows authentication with this version of ASP.NET. I'm going to kill myself soon If I can't get this script to connect, someone save me please!

推荐答案

您已经有了至少 2 这里有3个选项：

You've got at least 2 3 options here:

• 它运行为域的/ usr ，然后分配您的应用程序这个应用程序池在Web服务器上创建一个应用程序池，并使用集成的安全性。您的连接字符串将是数据源= dbServer01;初始目录= POS123;集成安全性= SSPI;。 - 即删除用户名和密码 - 这些都是在程序池的身份固有


• 或（假设混合模式启用了安全性）问你的DBA来创建具有相同权限的新SQL用户（就叫 USR ）为域的/ usr ，然后连接字符串更改为标准的安全性，用户ID = USR


• 如果您启用模拟（这里和<一个href=\"http://stackoverflow.com/questions/5826882/application-pool-identity-or-impersonation\">here),您可以使用域凭据而无需改变应用程序池标识。注意有关保护明文密码，并输入法点这通常也需要额外的配置，以避免<一个href=\"http://stackoverflow.com/questions/13706580/kerberos-double-hop-in-asp-net-4-0-sql2008r2\">double-hop问题。

• Create an App Pool on your web server which runs as domain/usr and then assign your app to this app pool, and use integrated security. Your connection string will be Data Source=dbServer01;Initial Catalog=POS123;Integrated Security=SSPI; - i.e. drop the username and password - these are inherent in the AppPool's identity.
• or (assuming Mixed Mode security is enabled) ask your DBA's to create a new SQL User (just called usr) with the same permissions as domain/usr and then change your connection string to standard security, with User Id=usr
• If you enable impersonation (here and here), you can use the domain credential without changing the app pool identity. Note the point about securing cleartext passwords, and IME this typically also requires additional configuration to avoid the double-hop issue.

这篇关于如何使用Windows身份验证指定的Windows用户从ASP连接到MS SQL Server数据库的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！