Monday, January 25, 2010

Login failed for user 'NT AUTHORITY\IUSR'

If you encountered this error while running your published website or web service in IIS7:

Message: Sys.WebForms.PageRequestManagerServerErrorException: Cannot open database "[DB_NAME]" requested by the login. The login failed.

Just follow these simple steps to solve the problem.

1. Open SQL Server Management Studio.



2. On the left menu, expand Security then Logins. Check if 'NT AUTHORITY\IUSR' exists. If not then that is the cause of the problem.




3. Right-click on Logins then click New Login...



4. On the General page, click Search...



5. On the next popup window, click Advanced...



6. Then on the following window, click Find Now and find IUSR on the Search Results. Then click OK.



7. Back on the left menu, you'll now see the 'NT AUTHORITY\IUSR' user. Right click on it and click Properties.




8. On the Server Roles page, check on sysadmin.



9. Then on the User Mapping page check on the database name you need access to; and below that on the database role membership make sure to also check on db_owner then click OK.






...And that's a wrap, you shouldn't be seeing the login failed error now.



-k
Posted by at
Labels: , , , , , ,

69 comments:

  1. AnonymousFebruary 8, 2010 at 9:52 AM

    Thanks for the article this really helped me out.

    ReplyDelete
  2. AnonymousFebruary 16, 2010 at 11:21 PM

    great article...

    u solve my problem juz now...

    thanks :)

    ReplyDelete
  3. RagadeepthiMarch 15, 2010 at 9:50 AM

    Thanks for the article..

    it helped me alot..

    ReplyDelete
  4. AnonymousApril 5, 2010 at 7:56 AM

    thank you so much
    it solved my problem.......
    it helped me after lot of frustuation

    ReplyDelete
  5. Kobena WireduMay 14, 2010 at 10:41 AM

    I have NT AUTHORITY\IUSR as part of the allowable login users to my SQL but still getting the same error

    ReplyDelete
  6. AnonymousMay 24, 2010 at 11:20 AM

    Thanks a lot, after several hours of playing around, just what I needed!

    ReplyDelete
  7. AnonymousJune 19, 2010 at 8:35 PM

    A wonderful , Clear and working solution to my frustrating problem.

    ReplyDelete
  8. AnonymousJuly 2, 2010 at 1:42 PM

    thank you very very much you help me in this topic

    ReplyDelete
  9. AnonymousAugust 27, 2010 at 10:17 PM

    REALLY THAAAAAAAANKS FOR THISSSSS

    ReplyDelete
  10. AnonymousSeptember 1, 2010 at 6:18 AM

    I have to disagree with this solution, my understanging is this solution grants any anonymous users access to the database which is really bad.

    ReplyDelete
  11. AnonymousSeptember 13, 2010 at 2:27 PM

    Hi guys, I am trying to follow the instructions but I cannot see 'NT AUTHORITY\IUSR' in the list of my SQL users. How can I add this user? Anything should be set in IIS?
    Thanks,
    V

    ReplyDelete
  12. AnonimoSeptember 15, 2010 at 11:17 AM

    Gracias, me ayudo mucho =)

    ReplyDelete
  13. andresNovember 10, 2010 at 4:14 AM

    thanks! that helped a lot!

    ReplyDelete
  14. personalidade em desenvolvimentoNovember 17, 2010 at 9:34 AM

    u my hero!!!!
    thanks

    ReplyDelete
  15. JezzyNovember 26, 2010 at 8:57 AM

    Goood one

    Thanks

    ReplyDelete
  16. TanweerDecember 24, 2010 at 11:03 PM

    Thanks a lot, I was so confused having this problem, well done.

    ReplyDelete
  17. AnonymousJanuary 29, 2011 at 2:24 PM

    Great Article!! Thanks for it!! Just solved my problem in a minute...

    ReplyDelete
  18. Vahid HassaniFebruary 11, 2011 at 3:07 PM

    Very Thanks Honey :xXx it solved my problem....

    ReplyDelete
  19. AnonymousMarch 30, 2011 at 11:56 PM

    thanks a lot, awesome article!!

    ReplyDelete
  20. AnonymousApril 2, 2011 at 5:13 PM

    Thank you so much! This solved my problem :-)

    ReplyDelete
  21. AnonymousJune 8, 2011 at 7:58 PM

    Awesome! It worked!

    ReplyDelete
  22. Karry Lynn DaytonJune 15, 2011 at 8:19 AM

    Much appreciated that you took the time to post this how-to

    ReplyDelete
  23. AnonymousAugust 11, 2011 at 3:18 PM

    good work, thanks

    ReplyDelete
  24. KrisBAugust 12, 2011 at 8:55 PM

    Thank you!!! :)
    Very VERY helpful!

    ReplyDelete
  25. AnonymousSeptember 14, 2011 at 4:16 AM

    Problem SOLVED!!!

    Thanks to you

    ReplyDelete
  26. AnonymousOctober 4, 2011 at 4:27 PM

    yahhhhhhhhhhhh

    ReplyDelete
  27. AnonymousOctober 27, 2011 at 1:40 PM

    I am having this error(below):
    Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'

    Adding the 'NT AUTHORITY\ANONYMOUS LOGON' the problem goes away...but I am concern about giving database ownership to NT AUTHORITY\ANONYMOUS LOGON.

    Should I be concerned? THanks

    ReplyDelete
  28. AnonymousDecember 13, 2011 at 8:13 AM

    oh my god... I am concern about giving database ownership to NT AUTHORITY\ANONYMOUS LOGON.

    ReplyDelete
  29. AnonymousDecember 13, 2011 at 8:27 AM

    very much appreciated!!

    i really prefer tutorials with pictures. very helpful man. thanks

    ReplyDelete
  30. AnonymousDecember 13, 2011 at 10:45 AM

    Please don't do this. Granting DBO access to IUSR* is a very bad idea. You want to grant the least rights possible to users. If, after granting public access to a user you still see errors you should be granting access to the stored procedures you are using to public, not just giving users the ability to create or drop any table they like.

    ReplyDelete
  31. AnonymousDecember 13, 2011 at 10:58 AM

    I hope you are joking... this is a suicide

    ReplyDelete
  32. AnonymousDecember 13, 2011 at 11:04 AM

    What an amazingly bad idea. Granting sysadmin privileges on the server to IUSR or ANONYMOUS LOGON is setting your machine up to get rooted easily. Assign permissions on an as needed basis, granting the absolute minimum required to any given database user.

    ReplyDelete
  33. AnonymousDecember 13, 2011 at 5:02 PM

    This article, combined with the "Thank you so much!!!" comments makes this the FUNNIEST. POST. EVER.

    ReplyDelete
  34. AnonymousDecember 14, 2011 at 5:38 AM

    I'm printing this out and hanging it on my wall of "Worst Advice In The History Of The World". The author of this post is truly without a clue.

    ReplyDelete
  35. Jimmy ZimmermanDecember 14, 2011 at 9:49 AM

    Please folks do NOT follow this advice. This is the SQL Security equivalent to enabling the Guest account in windows.

    Instead the account needed to access should have very minimal rights and only to those objects required. For example, if the account needs to only perform SELECTs and only a few tables, please put the rights specifically there. If there are plenty of tables, create a role and assign permissions that way. Worse case add the user to the data readers.

    ReplyDelete
  36. AnonymousDecember 15, 2011 at 11:47 AM

    Bah..Bah...Bah..
    Lots of stupid sheep out there.
    If you don't know what you are doing maybe you should find another profession.

    ReplyDelete
  37. AnonymousJanuary 10, 2012 at 11:17 AM

    Thanks a lot.

    ReplyDelete
  38. AhmedSFApril 22, 2012 at 2:29 PM

    You r the man :)
    Thank a lot Prof.

    ReplyDelete
  39. AnonymousJuly 2, 2012 at 3:15 AM

    Well done. It solved the issue

    ReplyDelete
  40. ShantakaramAugust 7, 2012 at 3:04 AM

    Thanks, solved the purpose!

    ReplyDelete
  41. AnonymousAugust 7, 2012 at 11:21 PM

    Thanku so much dear

    ReplyDelete
  42. AnonymousAugust 21, 2012 at 3:11 AM

    Thanks a lot.It Solved My Problem.Thanks again

    ReplyDelete
  43. AnonymousOctober 15, 2012 at 4:45 AM

    Leaving my front door open would solve the problem of the next door neighbour not being able to get in and feed the goldfish whilst I'm on holiday...

    ReplyDelete
  44. AnonymousNovember 4, 2012 at 9:36 AM

    I really appreciate this type of information, thank you very much for the help, you've helped me solve my problem, Greetings!

    ReplyDelete
  45. ParthiNovember 28, 2012 at 2:31 AM

    thanks a lot.

    ReplyDelete
  46. UnforgivenDecember 5, 2012 at 3:19 PM

    master muchas muchas pero muchas gracias!

    ReplyDelete
  47. hardikDecember 20, 2012 at 1:51 AM

    too good. 2 days of hard work, din't found this issue. thanks to this blog :)

    ReplyDelete
  48. free online casino gamesDecember 20, 2012 at 7:41 PM

    virtually all unbelievable foodstuff blogs http://casinogamesonlinex.weebly.com casino games online

    ReplyDelete
  49. AnonymousJanuary 16, 2013 at 7:19 AM

    Thanks a ton! This is exactly what I needed and following these steps solved my problem. Thanks for sharing this.

    ReplyDelete
  50. AnonymousJanuary 18, 2013 at 2:01 AM

    Thanks a lot. it solved my problem.

    ReplyDelete
  51. AnonymousJanuary 23, 2013 at 8:09 AM

    You are great keep up the good work you solved my problem

    ReplyDelete
  52. AnonymousFebruary 14, 2013 at 7:47 AM

    This is great article. The problem is solved.

    ReplyDelete
  53. AnonymousFebruary 18, 2013 at 1:33 PM

    Thanks you save my time
    i was struggling for 2 days
    keep it up
    KAS

    ReplyDelete
  54. sohailJune 19, 2013 at 1:04 AM

    Thank You, Thank You, Thank You, Thank You, Thank You. This post helped me a lot.

    ReplyDelete
  55. AnonymousOctober 26, 2013 at 4:26 AM

    This post has helped me too. I am very thankful. i am wowed at the solution. It worked like magic

    ReplyDelete
  56. AnonymousOctober 28, 2013 at 8:42 AM

    let me just say thank you too ;)

    ReplyDelete
  57. RISHI REDDYDecember 23, 2013 at 10:21 PM

    Super Super. Thanks a lot!

    ReplyDelete
  58. AnonymousFebruary 3, 2014 at 4:20 PM

    Thank you! Solve my problem!!!

    ReplyDelete
  59. UnknownMarch 1, 2014 at 11:59 PM

    i love u

    ReplyDelete
  60. AnonymousApril 29, 2014 at 3:59 AM

    when i host that time it show me error how can solve that time plz help me amil me at desaimandar2@gmail.com plz plz help me

    ReplyDelete
  61. AnonymousMay 8, 2014 at 6:02 AM

    I can not see IUSER in search directory

    ReplyDelete
  62. AnonymousAugust 3, 2014 at 4:38 AM

    DONE DONE DONE DONE......WOW WOW WOW WOW........ Problem finally resolved :)

    ReplyDelete
  63. AnonymousOctober 29, 2014 at 10:36 AM

    An you wonder why credit cards and personal information get stolen..

    ReplyDelete
  64. AnonymousNovember 5, 2014 at 6:43 AM

    Such blogs make our work so easy. thanks alot..keep up the amazing work you are doing

    ReplyDelete
  65. UnknownMarch 31, 2016 at 3:25 AM

    This is the worst advice you could possibly give, granting IUSR sysadmin access and then map it to the database as a db_owner shows a clear misunderstanding of database security. There will now be a lot of vulnerable webpages out there now.

    Just map the login to the required database with only the required permissions, i.e read only if all it does is display data on webpages even better execute permission to the stored Procedures which display and update data. Use ‘The Principle of least privilege’ to help protect your site, its exposed to the internet.

    The above advice will allow for a SQL injection attack which could delete every database on the server and possibly delete all backups using xp_cmdShell, a sysadmin can enable it.
    It goes on but I’ll stop now.

    ReplyDelete
  66. AnonymousSeptember 13, 2016 at 3:06 PM

    Thank you, this solved my issue.

    ReplyDelete
  67. UnknownNovember 11, 2016 at 2:33 AM

    This comment has been removed by the author.

    ReplyDelete
  68. UnknownNovember 11, 2016 at 2:36 AM

    Thank you sir, solve my issue

    ReplyDelete
  69. premJune 29, 2017 at 10:59 PM

    Wow..Solved my issue!!!Spend last two days resolving the same.Thanks

    ReplyDelete

Subscribe to: Post Comments (Atom)