Boring article about fixing a 'Login failed... untrusted domain' issue when connecting to SQL Server.
secretGeek .:dot Nuts about dot Net:.
home .: about .: sign up .: sitemap .: secretGeek RSS

Boring article about fixing a 'Login failed... untrusted domain' issue when connecting to SQL Server.

This will be the most boring and dry technical post I've ever written. I promise. I'm only writing it down because I hear Jeff Atwood's voice in my head telling me that if I haven't shared the solution then there's almost no value in solving it.

So here was the problem...

On one of my machines, in recent months, anytime I tried to run an asp.net application that attempts to connect to a SQL Server database I receive this error:

Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.

This is in a scenario where everything is local: I'm on a home computer, using a local database server. And it doesn't matter if I'm using IIS, webdevserver, or IIS Express. It doesn't matter if I'm trying to connect to SQL Express or SQL Server 2008 r2. I can enter the credentials using the machine name or IP address. The result is the same.

Looking in the Windows Event Viewer I see:

SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure. [CLIENT: ].

Most of the 'solutions' online were not applicable because they involve domain issues. This is just a local machine.

One particular forum message involved a guy with a similar setup to me. He solved the problem for himself, but left behind only this very abbreviated and somewhat cryptic explanation:

Solved. Traced the prob. to my net setup. The clue was this a msg in the Win System Log from Lsasrv about the target name and it showed the fqdn. Did some checks and the fqdn didn't look right, cleaned up my network config (I had customized it for another project), and now it's workin.

The 'fqdn' is the fully qualified domain name. I found three different ways to find my fqdn, and one of them disagreed with the others! So this was a smoking gun.

Method 1 for finding the fqdn: When I right clicked on "computer" in the start menu and looked at the properties, the 'full computer name' was reported as 'Leon_xps'.

Method 2 for finding the fqdn: When I ran "ipconfig /all" and got these values for Host Name and Primary Dns Suffix:

   Host Name . . . . . . . . . . . . : Leon_xps
   Primary Dns Suffix  . . . . . . . : 

(Add them together and you get a fqdn of just 'Leon_xps'

Method 3 for finding the fqdn: In cmd when I ran 'ping -a Leon_xps' I saw a very unexpected result!

It said:

Pinging leonx_xps [192.168.1.2] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Notice that it's changed the name 'leon_xps' into 'leonx_xps' and come up with the ipaddress of '192.168.1.2'. instead of what I expected (such as a loopback address, 127.0.0.1... or some IPv6 nonsense)

There's only one kind of alchemy I know of for turning a good name into a crazy ipaddress: and that's the magic of the HOSTS file.

So I looked in there for 'leonx_xps' and I found it. Found this crazy nonsense line, probably added by myself during some other wild-goose-chase for a solution to some other messed up problem:

192.168.1.2 leonx_xps leon_xps

Once I'd commented out that rule, the asp.net application immediately started to connect succesfully to SQL Server 2008 r2. And I can move forward with my testing of Massive and Dapper.

But just mentioning the probable cause of this (not cleaning up during an earlier problem-panic) I remember that earlier tonight, while frantically trying to fix this problem I added some stupid rules to the windows firewall. I had better go and remove them now before my computer gets owned. Hey wait a moment!? Why is my CPU at 100%? Be right back...





'Jake' on Sun, 08 May 2011 20:53:17 GMT, sez:

Not as boring as you promised! I want my 5 minutes back!
Jake: lover of boring things



'lb' on Tue, 10 May 2011 05:42:20 GMT, sez:

This site may go down for a short while.



'Mark' on Tue, 21 Jun 2011 14:57:35 GMT, sez:

An echo of thanks ...



'Baud' on Sat, 01 Oct 2011 17:17:41 GMT, sez:

Looking to the c:\windows\system32\drivers\etc\hosts file was the key. Thx for having taken the boring time to write this useful article

regards



'Travis' on Thu, 27 Oct 2011 14:40:56 GMT, sez:

YAY this solved my problem. Thanks. It was actually the fact that the FQDN was in the hosts file. It was forcing SQL to use the full name and choke



'finacial chain' on Mon, 02 Jul 2012 08:05:20 GMT, sez:

Wow, nice post,there are many person searching about that now they will find enough resources by your post. <a href="http://www.abreakingfinancialchain.com/">finacial chain</a>



'ryan gosling jacket' on Wed, 04 Jul 2012 13:10:20 GMT, sez:

Such a nice post to share.


<a href="http://www.angeljackets.com/products/Ryan-Gosling-Drive-Scorpion-Jacket.html">ryan gosling jacket</a>



'Akin' on Wed, 18 Jul 2012 13:21:56 GMT, sez:

Thanks a lot. I saved many hours trying to figure it out.



'Shaun' on Fri, 17 Aug 2012 05:39:46 GMT, sez:

Hi,
I had this problem and "finally" worked out that the cause was not that my machine was in an untrusted domain, it was that I was.
I had logged in to the local machine and not the domain user account. Arrr!!!
If this helps anyone get through this frustration it was worth the 30 seconds it has taken me to post this, after 3 hours of bashing my head against my keyboard.
Cheers



'Nicotine' on Wed, 12 Sep 2012 21:59:52 GMT, sez:

Most of the 'solutions' online were not applicable because they involve domain issues. This is just a local machine.



'Jeremy Finch' on Mon, 08 Oct 2012 19:38:16 GMT, sez:

You so totally rock. Well, that is what I get for trying to get rid of some weird traffic over my network...
Thanks again ! Hope this article stays on top for any with this issue !



'Pinakin' on Fri, 30 Oct 2009 20:37:41 GMT, sez:

Hellp I need help urgent I am getting this error. my .Net app devloper not able to connect the database server which one on SQL server 2008R2. I check event error and sql log I found this error.. Please help me out ASAP...

SSPI handshake failed with error code 0x80090311, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure. [CLIENT: 10.1.100.82].


Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. [CLIENT: 10.1.100.82]



'Pinakin' on Fri, 30 Oct 2009 20:42:20 GMT, sez:

Hellp I need help urgent I am getting this error. my .Net app devloper not able to connect the database server which one on SQL server 2008R2. I check event error and sql log I found this error.. Please help me out ASAP...


SSPI handshake failed with error code 0x80090311, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure. [CLIENT: 10.1.100.82].


Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. [CLIENT: 10.1.100.82]



'Toni' on Fri, 03 Jan 2014 07:58:37 GMT, sez:

In mycase, the problem for this error (SSPI handshake failed with error code 0x8009030c) was case-sensitive characters for my username.
On windows 2012 R2 server the username was written as "toni" and on the local machine the username was "Toni".

When I adjusted the username in the same way on both machines ("Toni"), everything was ok. It worked.



'Bridal lehenga' on Mon, 03 Feb 2014 11:16:12 GMT, sez:

Thanks for your kindly post,and welcome to vist our cheap coach website



'John Kirshy' on Tue, 15 Apr 2014 10:12:03 GMT, sez:

This post is still instrutional, although my was a domain issue, it still helped me solve the issue.




name


website (optional)


enter the word:
 

comment (HTML not allowed)


All viewpoints welcome. Incivility is not tolerated, such comments are deleted.

 

I'm the co-author of TimeSnapper, a life analysis system that stores and plays-back your computer use. It makes timesheet recording a breeze, helps you recover lost work and shows you how to sharpen your act.

 

NimbleText - FREE text manipulation and data extraction

NimbleText is a Powerful FREE Tool

I wrote this, and use it every day for:

  • extracting data from text
  • manipulating text
  • generating code

It makes you look awesome. You should use NimbleText, you handsome devil!

 

Articles

The Canine Pyramid The Canine Pyramid
Humans: A Tragedy. Humans: A Tragedy.
ACK! ACK!
OfficeQuest... Gamification for the Office Suite OfficeQuest... Gamification for the Office Suite
New product launch: NimbleSET New product launch: NimbleSET
Programming The Robot from Diary of a Wimpy Kid Programming The Robot from Diary of a Wimpy Kid
Happy new year 2014 Happy new year 2014
Downtime as a service Downtime as a service
The Shape of Your Irrationality The Shape of Your Irrationality
This is why I don't go to nice restaurants any more. This is why I don't go to nice restaurants any more.
A flowchart of what programmers do at work all day A flowchart of what programmers do at work all day
The Telepresent Man. The Telepresent Man.
Interview with an Ex-Microsoftie. Interview with an Ex-Microsoftie.
CRUMBS! Commandline navigation tool for Powershell CRUMBS! Commandline navigation tool for Powershell
Little tool for making Amazon affiliate links Little tool for making Amazon affiliate links
Extracting a Trello board as markdown Extracting a Trello board as markdown
hgs: Manage Lots of Mercurial Projects Simultaneously hgs: Manage Lots of Mercurial Projects Simultaneously
You Must Get It! You Must Get It!
AddDays: A Very Simple Date Calculator AddDays: A Very Simple Date Calculator
Google caught in a lie. Google caught in a lie.
NimbleText 2.0: More Than Twice The Price! NimbleText 2.0: More Than Twice The Price!
A Computer Simulation of Creative Work, or 'How To Get Nothing Done' A Computer Simulation of Creative Work, or 'How To Get Nothing Done'
NimbleText 1.9 -- BoomTown! NimbleText 1.9 -- BoomTown!
Line Endings. Line Endings.
**This** is how you pivot **This** is how you pivot
Art of the command-line helper Art of the command-line helper
Go and read a book. Go and read a book.
Slurp up mega-traffic by writing scalable, timeless search-bait Slurp up mega-traffic by writing scalable, timeless search-bait
Do *NOT* try this Hacking Script at home Do *NOT* try this Hacking Script at home
The 'Should I automate it?' Calculator The 'Should I automate it?' Calculator

Archives Complete secretGeek Archives

TimeSnapper -- Automated Screenshot Journal TimeSnapper: automatic screenshot journal

25 steps for building a Micro-ISV 25 steps for building a Micro-ISV
3 minute guides -- babysteps in new technologies: powershell, JSON, watir, F# 3 Minute Guide Series
Universal Troubleshooting checklist Universal Troubleshooting Checklist
Top 10 SecretGeek articles Top 10 SecretGeek articles
ShinyPower (help with Powershell) ShinyPower
Now at CodePlex

Realtime CSS Editor, in a browser RealTime Online CSS Editor
Gradient Maker -- a tool for making background images that blend from one colour to another. Forget photoshop, this is the bomb. Gradient Maker



[powered by Google] 

How to be depressed How to be depressed
You are not inadequate.



Recommended Reading


the little schemer


The Best Software Writing I
The Business Of Software (Eric Sink)

Recommended blogs

Jeff Atwood
Joseph Cooney
Phil Haack
Scott Hanselman
Julia Lerman
Rhys Parry
Joel Pobar
OJ Reeves
Eric Sink

InfoText - amazing search for SharePoint
LogEnvy - event logs made sexy
Computer, Unlocked. A rapid computer customization resource
Aussie Bushwalking
BrisParks :: best parks for kids in brisbane
PhysioTec, Brisbane Specialist Physiotherapy & Pilates
 
home .: about .: sign up .: sitemap .: secretGeek RSS .: © Leon Bambrick 2006 .: privacy

home .: about .: sign up .: sitemap .: RSS .: © Leon Bambrick 2006 .: privacy