Description: [Microsoft][ODBC SQL Server Driver][SQL Server]Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.

  • Hi All:

    Maybe I did not explain myself very clear. Here you have a better description of the problem:

    Scenario:

    Server1:

    Windows Server 2003 with IIS and SQL Server 2000 running together. An ODBC connection is used to connect the pages on the IIS to the database in SQL. IIS, ODBC and SQL server are using Windows authentication (Anonymous is disable in the IIS.) The ODBC verify the authenticity of the login ID with Windows NT authentication using the network login ID.

    Server 2:

    Windows Server 2008 (Datacenter), SQL Server 2008. Even thought, I installed IIS in this server, I do not use it for anything else but Reporting Services. IIS is in a default configuration.

    Here it is the change I am trying to accomplish:

    1.A moved the database from Server 1 (SQL 2000) to Server 2 (SQL 2008). No problems so far. I can access the data in both servers without any problem and run all store procedures, etc., etc. using the SQL Management Studio.

    2.I go to Server 1 and change the ODBC connection to point to the new location (Server 2) and I get the following error when I try to access the database thru Internet Explorer on my PC.

    Description: [Microsoft][ODBC SQL Server Driver][SQL Server]Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.

    Source: Microsoft OLE DB Provider for ODBC Drivers

    SQLState: 28000

    NativeError: 18456

    3.The servers are located in the same domain. We use active directory. I belong to the administrator group of the domain and I have administrator rights on both SQL Servers.

    4.The pages that connect to the database were created using regular ASP/ADO and VBScript. Nothing fancy, plain vanilla code as you can see by the following VBScript section of a page:

    On Error Resume Next

    Dim oConn

    Dim blnCriticalError

    Set oConn = Server.CreateObject("ADODB.Connection")

    oConn.Open "DSN=ODBCName"

    Set oRSz = Server.CreateObject("ADODB.RecordSet")

    oRSz.Open "SQLTable", oConn

    5.Are there any suggestions on how to solve this problem? I do not want to use AUTHORITY\ANONYMOUS to connect to the SQL server which if I added to the logins of the SQL server 2008 the page works just fine.

    Thank you all.

  • Hi,

    Not sure if you solved this problem already but it sounds like what developers call " the dreaded double-hop issue." Here is a link to an MVP who has answered a similar question.

    http://social.msdn.microsoft.com/Forums/en-US/sharepointdevelopment/thread/8483e5b9-1bcd-4283-964f-e8349640cbf7

    And here is a good blog post explaining the "double-hop" with IIS:

    http://weblogs.asp.net/owscott/archive/2008/08/22/iis-windows-authentication-and-the-double-hop-issue.aspx

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply