Our website connects to a database correctly when running the website locally using the built-in web server. But, when we deploy the site to our server running IIS, we get a database connection error. The database server is different from our IIS server. Note that a trusted connection to a different database on the SAME server as IIS works fine.
当使用内置Web服务器在本地运行网站时,我们的网站正确连接到数据库。但是,当我们将站点部署到运行IIS的服务器时,我们会收到数据库连接错误。数据库服务器与我们的IIS服务器不同。请注意,作为IIS的SAME服务器上的其他数据库的可信连接正常工作。
What do we need to do to connect to a SQL database on a different server with a trusted connection?
使用可信连接连接到不同服务器上的SQL数据库需要做什么?
3 个解决方案
#1
2
When you're running a web site using Cassini, the account used by the web server process is your own account that you use to log on to your Windows machine. That account will be different on IIS.
当您使用Cassini运行网站时,Web服务器进程使用的帐户是您自己用于登录Windows计算机的帐户。该帐户在IIS上会有所不同。
Consider the security implications of opening the database up to a broader access than you may need with trusted connection. Perhaps you could use Windows authentication with a service account. That is, create an application-specific user in SQL Server with limited permissions. Then, you will get the benefits of connection pooling while avoiding passing credentials.
考虑将数据库打开到比可信连接所需的更广泛访问的安全隐患。也许您可以将Windows身份验证与服务帐户一起使用。也就是说,在具有有限权限的SQL Server中创建特定于应用程序的用户。然后,您将获得连接池的好处,同时避免传递凭据。
#2
0
I'd check the user account that app domain in IIS is using to connect to SQL Server. The account in IIS may not have access to network resources as well which would explain the trouble reaching the other database server.
我将检查IIS中的应用程序域用于连接到SQL Server的用户帐户。 IIS中的帐户可能无法访问网络资源,这可以解释到达其他数据库服务器的问题。
#3
0
Sounds like you need to configure the database server to provide access to the database you're trying to connect to.
听起来您需要配置数据库服务器以提供对您尝试连接的数据库的访问权限。
Assuming SQL Server, log into SQL Server Enterprise Manager and under Security -> Logins, open the properties for the applicable user (probably the Network Service or ASP.NET account of the web server) and go to the Database Access tab and ensure that the Permit checkbox is ticked for the database you are connecting to.
假设SQL Server,登录到SQL Server企业管理器并在安全 - >登录下,打开适用用户的属性(可能是Web服务器的网络服务或ASP.NET帐户),然后转到数据库访问选项卡并确保勾选您要连接的数据库的“允许”复选框。
#1
2
When you're running a web site using Cassini, the account used by the web server process is your own account that you use to log on to your Windows machine. That account will be different on IIS.
当您使用Cassini运行网站时,Web服务器进程使用的帐户是您自己用于登录Windows计算机的帐户。该帐户在IIS上会有所不同。
Consider the security implications of opening the database up to a broader access than you may need with trusted connection. Perhaps you could use Windows authentication with a service account. That is, create an application-specific user in SQL Server with limited permissions. Then, you will get the benefits of connection pooling while avoiding passing credentials.
考虑将数据库打开到比可信连接所需的更广泛访问的安全隐患。也许您可以将Windows身份验证与服务帐户一起使用。也就是说,在具有有限权限的SQL Server中创建特定于应用程序的用户。然后,您将获得连接池的好处,同时避免传递凭据。
#2
0
I'd check the user account that app domain in IIS is using to connect to SQL Server. The account in IIS may not have access to network resources as well which would explain the trouble reaching the other database server.
我将检查IIS中的应用程序域用于连接到SQL Server的用户帐户。 IIS中的帐户可能无法访问网络资源,这可以解释到达其他数据库服务器的问题。
#3
0
Sounds like you need to configure the database server to provide access to the database you're trying to connect to.
听起来您需要配置数据库服务器以提供对您尝试连接的数据库的访问权限。
Assuming SQL Server, log into SQL Server Enterprise Manager and under Security -> Logins, open the properties for the applicable user (probably the Network Service or ASP.NET account of the web server) and go to the Database Access tab and ensure that the Permit checkbox is ticked for the database you are connecting to.
假设SQL Server,登录到SQL Server企业管理器并在安全 - >登录下,打开适用用户的属性(可能是Web服务器的网络服务或ASP.NET帐户),然后转到数据库访问选项卡并确保勾选您要连接的数据库的“允许”复选框。