Asp.net-mvc – IIS7, SQL 2008 and ASP.NET MVC security

asp.net-mvciis-7Securitysql-server-2008

I have an ASP.NET MVC application that I'm working on. I've been developing it on Windows Server 2003 with IIS6 and SQL 2008 Express, and everything was working great. I recently decided to try out the Windows 7 beta, so now I'm using IIS7, and have run into a problem with connectivity to my database that I can't seem to figure out.

I can run/debug the app just fine, but whenever I try to access a page that needs to access the database, I get the following error:

"Cannot open database "MyDatabaseName" requested by the login. The login failed.
Login failed for user 'IIS APPPOOL\MyApplicationName'."

I've obviously got some security configuration setup incorrectly, but I can't seem to find any good documentation on how to set it up correctly. I've tried giving NETWORK SERVICE permissions on the database, but that didn't seem to work. Anyone know what I need to do to give "IIS APPPOOL\MyApplicationName" permissions to this database? Am I missing something obvious?

Thanks…

Best Answer

If you are NOT using Active Directory, then ignore all of the other solutions mentioned here. The confusion stems from the new ApplicationPoolIdentity setting default in IIS 7.5+ (MS keeps changing the identity mechianisms)

Open SQL Management Studio, connect to your local machine as an admin.
Expand the Security branch.
Right click on Logins and select New Login
Into the Login Name field, type "IIS APPPOOL\MyApplicationName". Do NOT click the search button. The user profile dosn't actually exist on the local machine, it's dynamically created on demand.

While you're looking at it, don't forget to add the user to a database or a server role.

Best Answer

Related Solutions

IIS7 Authentication on Server 2008

Asp.net-mvc – the difference between ‘classic’ and ‘integrated’ pipeline mode in IIS7

Related Topic