0

Have a C# App and SQL Server database from a domain environment; restored the DB in a non-domain support environment (SQL Server running in a Docker Container). Connections are successful via ODBC using SQL Server authentication:

Server         10.0.0.1
LoginID        <username of dbOwner>
Password       <password>
Default db     ThisProject

The C# App, however, always returns "Login failed: The login is from an untrusted domain" with every variation of a normal connect string:

data source=10.0.0.1;
initial catalog=ThisProject;
integrated security=False; 
User Id=<dbOsner>;
Password=<password>;
Trusted_Connection=False;

How does one configure the connect string so that the C# App connects with SQL Server authentication?

TIA!

Tested with variations:

integrated security=False, True, SSPI, <missing>;
trusted_Connection=False, True;
Omnitec
  • 1
  • 1
  • 1
    Pick any (appropriate) of: https://www.connectionstrings.com/sql-server/ ? – Luuk Feb 14 '23 at 17:43
  • Are the credentials you are using for a SQL Server account or a domain account? If it is a domain account, it won't work if the SQL Server isn't joined to the domain. – Paul Pearce Feb 14 '23 at 18:03
  • Yes, .. tried connectionstrings.com/sql-server, but no examples for SQL Server authentication and there is no domain server here in the lab. The dbOwner is a SQL Server user. – Omnitec Feb 14 '23 at 18:49
  • Here is an example of what we use, you would of course need to replace the placeholders with the appropriate values for your server: `"Server=tcp:10.0.0.1,1433;Initial Catalog=;User ID=;Password=;MultipleActiveResultSets=True;Encrypt=True;TrustServerCertificate=True;Connection Timeout=30;"` – Paul Pearce Feb 14 '23 at 18:53
  • Nice, .. but no difference; connection still refused due to untrusted domain. We did not build the original App, is there anything else that would force a domain trust outside the connect string? – Omnitec Feb 14 '23 at 20:33
  • If the application is solely using the connection string then I'd suggest removing one of `Integrated Security` or `Trusted_Connection` connection string properties - they are synonyms and having both could be confusing the matter, ref: [SqlConnection Connection String](https://learn.microsoft.com/en-us/dotnet/api/system.data.sqlclient.sqlconnection.connectionstring). Do you have the source code for the C# app? It could well be using a `ConnectionStringBuilder` class to read the connection string and then override some properties before using the result to connect. – AlwaysLearning Feb 14 '23 at 21:39
  • "is there anything else that would force a domain trust" Can you check If you have "SQl Server and Windows authentication mode" selected (see picture below this link: [second option]{https://www.mssqltips.com/sqlservertip/2191/how-to-check-sql-server-authentication-mode-using-t-sql-and-ssms/#:~:text=use%20Windows%20Authentication.-,Check,-Using%20SSMS) )? If that second option is checked, you do not need a domain trust, but a local account (with proper authorization in SQL ) – Luuk Feb 15 '23 at 19:01
  • The server has always been mixed mode, .. – Omnitec Feb 15 '23 at 19:02
  • Finally found a workaround - runas: runas.exe /netonly /user: "<.exe name>.exe" Very inelegant, but does appears to survive a rebuild. – Omnitec Mar 07 '23 at 16:45

0 Answers0