SSPI security failed to connect from application server to remote database server.
I am trying to edit the web.config in an aspx page which is embedded in Dynamics CRM. The previous web.config connectionstring is like below:
<add name="conn" connectionString="Server=10.138.50.133;MultipleActiveResultSets=True;Database=dbserverip;User Id=domain\CRMADMINUAT;Password=p@ssword" providerName="System.Data.SqlClient" />
Due to security concern, now I need to change the integrated security to SSPI.
<add name="conn" connectionString="Data Source=SGARCRMDBUAT;Initial Catalog=DB_MSCRM;Integrated Security=SSPI" providerName="System.Data.SqlClient" />
However, it is always failed to connect with the database server and throwing me this error:
[SqlException: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.]
below are steps that I have taken but still not working:
change the CRM Application Pool identity from Local System to a sysadmin user which has admin rights on both App and DB server.
add
<identity impersonate="true"/>into web.configDisable
Anonymous Authenticationof the site. EnableASP.NET ImpersonatationChange Integrated Security=true
No special Delegation configuration in AD
And i realized that the site is working normally in server localhost, only showing anonymous error when i try to access from my PC which is in same LAN network as the server.
There's another weird thing happened. When i create a new login user 'NT AUTHORITY\ANONYMOUS LOGON' in Database, the error was gone and the page was working perfectly as before!! Seems like the 'NT AUTHORITY\ANONYMOUS LOGON' is a hard coded user or configuration?? But i have checked my code, no such things exist in my code.
Really hope that someone could help me.. Thanks ahead.
