CREATE TABLE error after IIS APPPOOL ASP.NET-SQL

Question

CREATE TABLE error after IIS APPPOOL ASP.NET-SQL

Navigation

#1 by (1 votes)

0

I have a web application to mount in the IIS, the question is that when I try to visualize some view that uses data from the BD I showed the error of IIS APPPOOL\Licorera .

Checking the internet to fix that error was to give the user permission on the application like this:

exec sp_grantlogin 'IIS APPPOOL\Licorera' 
use ACME
exec sp_grantdbaccess 'IIS APPPOOL\Licorera'

But now he throws this error to me

Se ha denegado el permiso CREATE TABLE en la base de datos 'ACME'.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 

Exception Details: System.Data.SqlClient.SqlException: Se ha denegado el permiso CREATE TABLE en la base de datos 'ACME'.

How can I eliminate or correct this error?

PS: I'm using Windows Authentication, the username is ALPHA-2MYT322 / baker_000 and my connection string in the file Web.Config is

<connectionStrings>
    <add name="ACME" connectionString="data source=ALPHA-2MYT322;initial catalog=ACME;Trusted_Connection=Yes;MultipleActiveResultSets=True;App=EntityFramework;User Id=baker_000;Password= ;" providerName="System.Data.SqlClient" />
    <add name="ACME1" connectionString="data source=ALPHA-2MYT322;initial catalog=ACME;Trusted_Connection=Yes;multipleactiveresultsets=True;application name=EntityFramework;User Id=baker_000;Password= ;" providerName="System.Data.SqlClient" />
  </connectionStrings>

sql sql-server asp.net

asked by Baker1562 25.05.2018 в 19:52

source

1 answer

excel macro enter key MySQL subConsulta

score 1 · Accepted Answer

There are several things in this question:

The first thing , is that even if you use Windows authentication in the web.config the application by security issues will always be executed with the account associated with APPPOOL unless you indicate to the IIS that you want impersonate authentication with the current user's account, for which you need to establish the following in the web.config:

<configuration>
  <system.web>
    <identity impersonate="true" />
  </system.web>
</configuration>

In this case, your application would start executing with the user that authenticated in Windows and for this same reason it would be the account that SQL Server would use to connect to the database.

The second thing, is that when you use Windows authentication to connect to SQL Server you should not set any user to the connection string, because it will not be taken into account, since to perform the connection to the database the system will automatically take the user of Windows with which the application is running at that moment.

If you do not use the account: IIS APPPOOL \ Licorera
If your plants would use the account: ALPHA-2MYT322 / [User logged in]

The third thing, already defined the user or the users who will have access to the application, you must go to the SQL SERVER and assign the corresponding permissions. For you, it seems that in addition to the consultation permissions you need the users to have permission to create data structures (which is not highly recommended due to security issues).