'IIS APPPOOL \ ASP.NET v4.0'사용자의 로그인에 실패했습니다
웹 프로젝트 (C # Asp.Net, EF 4, MS SQL 2008 및 IIS 7)가 있으며 IIS 7로 로컬로 마이그레이션해야합니다 (현재 CASSINI에서 잘 작동 함).
IIS에서는 로컬로 Default Web Site배포가 있습니다. 내 배포 및 Default Web Site풀 ASP.NET v4.0 (설정 이미지 참조)에서 풀 대상 Framework 4를 내 웹 프로젝트로 사용합니다. 
사이트를 방문하면 브라우저에 페이지가 표시되지 않고 브라우저가 페이지를 대신 다운로드 할 수 있습니다.
IIS에서 로컬로 실행되는 다른 프로젝트가 있으며 아무런 문제없이 작동하지만 Entity Framework는 사용하지 않습니다.
이벤트 로거를 사용하면 다음과 같은 오류가 나타납니다.
Exception information:
Exception type: EntityException
Exception message: The underlying provider failed on Open.
at System.Data.EntityClient.EntityConnection.OpenStoreConnectionIf(Boolean openCondition, DbConnection storeConnectionToOpen, DbConnection originalConnection, String exceptionCode, String attemptedOperation, Boolean& closeStoreConnectionOnFailure)
Login failed for user 'IIS APPPOOL\ASP.NET v4.0'.
at System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory)
at System.Data.SqlClient.SqlConnection.Open()
at System.Data.EntityClient.EntityConnection.OpenStoreConnectionIf(Boolean openCondition, DbConnection storeConnectionToOpen, DbConnection originalConnection, String exceptionCode, String attemptedOperation, Boolean& closeStoreConnectionOnFailure)
업데이트 :이 질문의 리소스에서 MS SQL 2008에 대한 권한을 수동으로 부여해야한다는 것을 읽을 수 있습니다. IIS 7.5 및 MS SQL 2008 R2를 사용하면 수동 권한을 설정할 필요가 없습니다.
SQL Server에 대한 연결을 열려고하지 않는 것 같습니다.
IIS APPPOOL\ASP.NET v4.0데이터베이스에 대한 권한을 부여 하려면 SQL Server에 로그인을 추가해야 합니다.
SSMS의 서버에서 보안을 펼친 다음 로그인을 마우스 오른쪽 단추로 클릭하고 "새 로그인 ..."을 선택하십시오.
새 로그인 대화 상자에서 로그인 이름으로 앱 풀을 입력하고 "확인"을 클릭하십시오.
그런 다음 앱 풀의 로그인을 마우스 오른쪽 버튼으로 클릭하고 속성을 선택한 다음 "사용자 매핑"을 선택하십시오. 적절한 데이터베이스 및 적절한 역할을 확인하십시오. 나는 당신이 단지 선택 수 있다고 생각 db_datareader하고 db_datawriter,하지만 난 당신이 EF를 통해 그렇게 할 경우 당신은 여전히 저장 프로 시저를 실행하는 권한을 부여해야합니다 생각합니다. 여기 에서 역할에 대한 세부 사항을 확인할 수 있습니다 .
IIS7-> 응용 프로그램 풀-> 고급 설정에서 ApplicationPoolIdentity를 변경할 수 있습니다. 
ApplicationPoolIdentity 아래에 로컬 시스템이 있습니다. 그러면 응용 프로그램 NT AUTHORITY\SYSTEM이 기본적으로 데이터베이스에 대한 기존 로그인 인에서 실행됩니다 .
편집 :이 제안을 적용하기 전에 보안 관련 사항에 유의하고 이해해야합니다.
당신이 가지고 있는지 확인하십시오 ...
Trusted_Connection=false;
연결 문자열에
다음 이미지와 같이 SQL을 사용 하여이 문제를 해결했습니다.
db-> 특성-> 권한-> 서버 권한보기->를 마우스 오른쪽 단추로 클릭 한 후 IIS APPPOOL\ASP.NET v4.0권한 을 선택 하고 부여 하십시오 .
이 SQL 스크립트를 실행
IF NOT EXISTS (SELECT name FROM sys.server_principals WHERE name = 'IIS APPPOOL\DefaultAppPool')
BEGIN
CREATE LOGIN [IIS APPPOOL\DefaultAppPool]
FROM WINDOWS WITH DEFAULT_DATABASE=[master],
DEFAULT_LANGUAGE=[us_english]
END
GO
CREATE USER [WebDatabaseUser]
FOR LOGIN [IIS APPPOOL\DefaultAppPool]
GO
EXEC sp_addrolemember 'db_owner', 'WebDatabaseUser'
GO
의 경우 연결 문자열을 지정한 :
User ID=xxx;Password=yyy
그러나 연결 문자열 에는 다음이 있습니다.
Trusted_Connection=true;
SQL Server는 Windows 인증을 사용하므로 연결 값이 무시되고 무시됩니다 (IIS는 Identity 사용자 프로필에 지정된 Windows 계정을 사용합니다). 더 많은 정보는 여기에
연결 문자열에 다음이 있는 경우에도 동일하게 적용됩니다 .
Integrated Security = true;
또는
Integrated Security = SSPI;
Windows 인증은 데이터베이스 서버에 연결하는 데 사용되기 때문입니다. 더 많은 정보는 여기에
iis로 이동-> 응용 프로그램 풀-> 응용 프로그램에 사용 된 응용 프로그램 풀 찾기
응용 프로그램에 사용되는 응용 프로그램 풀을 선택하고 마우스 오른쪽 단추를 클릭하여 고급 설정을 선택하십시오.
응용 프로그램 풀 ID 선택 
로컬 시스템으로 내장을 선택하고 확인을 클릭하십시오.
ApplicationPoolIdentity가 싫습니다. 저는 항상 Windows 사용자 계정을 AppPools의 계정으로 설정했습니다.
adrift가 말했듯이 데이터베이스 보안 문제처럼 들립니다. 따라서 NT 사용자 계정을 만들어 ASP.NET v4.0 AppPool에 할당 한 다음 웹 사이트 폴더 및 SQL의 관련 테이블에 대한 권한을 부여하십시오.
통합 보안을 사용하지 마십시오. 사용하다User Id=yourUser; pwd=yourPwd;
이것은 문제를 해결합니다.
이 문제가 있었고 실제로 다른 문제로 인해 발생했습니다. 데이터베이스에 'IIS APPPOOL \ ASP.NET v4.0'사용자가 있지만 여전히 작동하지 않습니다.
I had recently upgraded my SQL Server Install and in the process the User had become disconnected from the Login - so there was an 'IIS APPPOOL\ASP.NET v4.0' under Database -> Security -> Users BUT no User not under Security -> Logins.
Added the Login 'IIS APPPOOL\ASP.NET v4.0' to Security -> Logins, SQL Server automatically mapped it to the User in the database (this used to have to be done manually) and problem fixed.
First thing you need to clear if you are using windows authentication and you are not mentioning any username password in your connection string then:
What happens when you run your code through localhost: when you run your wcf test client from localhost, it will be able to communicate to database as local debug mode application is calling database by your account's service. So it has access to database because devenv.exe is running under your user account.
But when you deploy your web service in IIS. Now understand this service runs under IIS not under your account. So you need to assign access rights to IIS service to access the sql server for windows authentication. Here your web service would not be able to communicate to the SQL server because of access rights issue and Login Failed for user_______ (here your user will come)
So if you are using windows authentication to connect your database, you just have to change the IIS Application pool settings. You need to change IIS Application pool's identity to local System.
Below are the Steps for windows authentication WCF: •Open IIS (windows+R (run) then type inetmgr, then click ok) •double click your PC name under Connections •Click Application Pools •Select your app pool (DefaultAppPool) •Then under actions on the right click Advanced Settings: •Go to Process Model section and •click on Identity. •Now select LocalSystem.
Now open your sql server management studio: open run-> then type ssms then press ok in ssms, login using your windows authentication account. open security tab expand logins tab then you will be able to view your account.
Now open properties of your account go to userMapping then select the database you want to connect then check the role membership services you want to use for the selected database click ok. (For network services i.e. intranet users you need to configure above settings for NT AUTHORITY\SYSTEM user too)
add Trusted_Connection=True; property in your connection string. Save it & deploy the web service. Restart app pool.
you will be able to connect the database now.
I had this message and I use Windows Authentication on the web server.
I wanted the currently authenticated web user to be authenticated against the database, rather than using the IIS APPPOOL\ASP.NET v4 User specified in the App Pool.
I found by entering the following in the web.config fixed this for me:
<system.web>
<identity impersonate="true" />
</system.web>
https://msdn.microsoft.com/en-us/library/bsz5788z.aspx
I see other Answers regarding creating the AppPool username in the SQL DB or just to use SQL Auth. Both would be correct if you didn't want to capture or secure individual Windows users inside SQL.
Tom
As pointed out, Do not use Windows Authentication, Use SQL Server Authentication
Also if you created connection using "Server Connection" dialog, make sure to check the connections in web.config. It is likely that you created/modified connection and it was stored as trusted connection in web.config. Simply use this authentication
<add name="MyDBConnectionString" connectionString="Data Source=localhost;Initial Catalog=Finantial;User ID=xxx;Password=xxx" providerName="System.Data.SqlClient"/>
which should fix the error.
Setting the identity only makes this work in my pages.
Cassini runs your website as your own user identity when you start up the Visual Studio application. IIS runs your website as an App Pool Identity. Unless the App Pool Identity is granted access to the Database, you get errors.
IIS introduced App Pool Identity to improve security. You can run websites under the default App Pool Identity, or Create a new App Pool with its own name, or Create a new App Pool with its own name that runs under a User Account (usually Domain Account).
In networked situations (that are not in Azure) you can make a new App Pool run under an Active Directory Domain user account; I prefer this over the machine account. Doing so gives granular security and granular access to network resources, including databases. Each website runs on a different App Pool (and each of those runs under its own Domain User account).
Continue to use Windows Integrated Security in all Connection Strings. In SQL Server, add the Domain users as logins and grant permissions to databases, tables, SP etc. on a per website basis. E.g. DB1 used by Website1 has a login for User1 because Website1 runs on an App Pool as User1.
One challenge with deploying from the Visual Studio built-in DB (e.g. LocalDB) and built-in Web Server to a production environment derives from the fact that the developer's user SID and its ACLs are not to be used in a secure production environment. Microsoft provides tools for deployment. But pity the poor developer who is accustomed to everything just working out of the box in the new easy VS IDE with localDB and localWebServer, because these tools will be hard to use for that developer, especially for such a developer lacking SysAdmin and DBAdmin support or their specialized knowledge. Nonetheless deploying to Azure is easier than the enterprise network situation mentioned above.
If you have your connection string added in your web.config, make sure that "Integrated Security=false;" so it would use the id and password specified in the web.config.
<connectionStrings>
<add providerName="System.Data.SqlClient" name="MyDbContext" connectionString="Data Source=localhost,1433;Initial Catalog=MyDatabase;user id=MyUserName;Password=MyPassword;Trusted_Connection=true;Integrated Security=false;" />
</connectionStrings>
Another way of granting permission to the database for the user IIS APPPOOL\ASP.NET v4.0 is as follows.
- Add New User with User Name and Login name as
IIS APPPOOL\ASP.NET v4.0with your default schema. - Go to Owner schema and Membership, Check db_datareader, db_datawriter
Thought I'd post this as an answer as it is relevant to the question and can answer it in some cases.
That same message appears also if the database does not exist!
Be sure your connection string has no misspellings, is pointing to the right server instance, etc.
I Have the same problem I solved it by changing Integrated Security=True to false now its working
something similar happened to me what worked for me was changing the property Integrated Security = True to Integrated Security = false in the web.config of the website
Have you done what @Teddy recommended and you STILL get the same error?
Make sure you're changing the settings for the app pool that corresponds to your virtual directory and not the parent server. Each virtual directory has its own AppPool and doesn't inherit.
In DefaultAppPool set NetworkService in the Identity property and in Sql Server add User Network Service and give it the appropiate permissions to your database, that's work very well for me, I've tested locally but I think this is the best configuration for connecting from any other computer in the network. when you set LocalSystem in the Identity in IIS that's work well and it is not necessary to create any other user in Sql Server but I think that will not work in a network environment.
I ran into the same problem testing ASP.NET Web API
Developed Web.Host in Visual Studio 2013 Express Database created in SQL Server 2012 Express Executed test using built in IIS Express (working) Modified to use IIS Local (from properties page - web option) Ran test with Fiddler Received error - unable to open database for provider.... citing 'APPPOOL\DefaultAppPool'
Solution that worked.
In IIS
Click on application pool 'DefaultAppPool' Set Identify = 'ApplicationPoolIdentity' Set .NET framework = v4.0 (even though my app was 4.5)
In SQL Server Management Studio
Right click on Security folder (under the SQL Server engine so applies to all tables) Right click on User and add 'IIS APPPOOL\DefaultAppPool' In securables on the 'Grant' column check the options you want to give. Regarding the above if you are a DBA you probably know and want to control what those options are. If you are like me a developer just wanted to test your WEB API service which happens to also access SQL Server through EF 6 in MVC style then just check off everything. :) Yes I know but it worked.
In case you add a new login, make sure that under server properties ( rightclick -> properties)/security, authentication mode is set to both sqlserver and windows not only windows.
Add "Everyone" under security. If you added the Server and the users logging in to the database, then this is something you are missing. Hope this helps.
For the record, if you encounter this error after switching from LocalDB to SQLEXPRESS, make sure the database already esists in SQLEXPRESS. You can verify this in Management Studio.
I had the same problem when using Entity Framework after switching to SQLEXPRESS from LocalDB. I had to run Update-Database command. I was able to successfully connect after that.
I did exactly as @JeffOgata said but I got the error:
Windows NT user or group 'IIS APPPOOL\ASP.NET v4.0' not found. Check the name again. (Microsoft SQL Server, Error: 15401)
I looked at my error message again and it said Login failed for user 'IIS APPPOOL\DefaultAppPool'.
After adding a user named IIS APPPOOL\DefaultAppPool everything worked.
I used SQL Server Profiler (available in SSMS => Tools menu) and saw there (when IIS attempted to connect to database) that my IIS user was for some reason NT AUTHORITY\IUSR, no matter of all steps recommended in answers in this question. So I added that user to SQL Server, and it worked...
In Asp.net webform,
this error fixed when installing asp.net from:
Server Manager > Manage > Add Role and Feature > Server Roles > Web Server (IIS) > Web Server > Application Development > ASP.NET 3.5/4.6 is installed.
my problem fixed.
SSMS 업데이트 후에 생성 된 특정 데이터베이스에서이 문제가 발생할 수 있습니다. SSMS를 열고 데이터베이스를 선택하고 필요한 데이터베이스를 연 다음 보안-> 사용자->를 클릭하고 사용자를 마우스 오른쪽 단추로 클릭 한 후 '새 사용자'를 다시 클릭 하고 'NT AUTHORITY \ Authenticated Users'를 추가 하고 작업을 저장 한 다음 웹 / 데스크톱에서 양식을 작성하십시오. 즐겨....
참고 URL : https://stackoverflow.com/questions/7698286/login-failed-for-user-iis-apppool-asp-net-v4-0
'Programing' 카테고리의 다른 글
| 인식 할 수없는 속성 'targetFramework'. (0) | 2020.02.21 |
|---|---|
| 루비 블록에서 헤어지는 방법? (0) | 2020.02.21 |
| request.GET에서 URL 매개 변수 캡처 (0) | 2020.02.21 |
| JS / jQuery에서 화살표 키 바인딩 (0) | 2020.02.21 |
| C #에서 var 키워드 사용 (0) | 2020.02.21 |