Article ID: 316989 - View products that this article applies to.
This article was previously published under Q316989
When you create a trusted connection from Microsoft ASP.NET to Microsoft SQL Server, you may receive the following error message:
For computers that run Internet Information Services (IIS) 6.0, you may receive the following error message:
Login failed for user 'MachineName\ASPNET
Note You receive either of these error messages specifically when you use integrated security (when you include the integrated security=sspi attribute in a connection string).
Login failed for user 'NT AUTHORITY\NETWORK SERVICE'
When you use ASP.NET, the default security context is the ASPNET account (or NetworkService account, for an application that runs on IIS 6.0) for both Aspnet_wp.exe (or W3wp.exe, for an application that runs on IIS 6.0) and the request to SQL Server. By default, the ASPNET account (or NetworkService account, for an application that runs on IIS 6.0) does not have any permissions in SQL Server, and therefore it cannot access the database.
To resolve this issue, use one of the following methods:
Steps to reproduce the issue
For more information about how to programmatically change the security context of the ASP.NET worker process, click the following article numbers to view the articles in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/306158/ )How to implement impersonation in an ASP.NET application
(http://support.microsoft.com/kb/307002/ )ASP/ODBC/SQL Server error 0x80040E4D "Login failed for user '(null)'"
(http://support.microsoft.com/kb/253500/ )"Client unable to establish connection" error message when connecting from ASP to SQL Server
(http://support.microsoft.com/kb/306586/ )Troubleshooting error 80004005 "Login failed" in ASP
(http://support.microsoft.com/kb/247931/ )Authentication methods for connections to SQL Server in Active Server Pages
(http://support.microsoft.com/kb/315158/ )FIX: ASP.NET does not work with the default ASPNET account on a domain controller
824308For more information about how to change the default configuration of the ASP.NET security context, visit the following Microsoft Developer Network (MSDN) Web site:
(http://support.microsoft.com/kb/824308/ )BUG: IWAM account is not granted the impersonate privilege for ASP.NET 1.1 on a Windows 2000 domain controller with SP4
http://msdn2.microsoft.com/en-us/library/ms978378.aspxFor more information about how to add the ASPNET account to SQL Server, see the "Adding a Windows User or Group" topic in SQL Server Books Online.
Article ID: 316989 - Last Review: September 21, 2007 - Revision: 5.7