There are two servers, one is app and one is Db both hosted on AWS separate EC2. App server have an IIS and logged in with service account to communicate with DB server. Application is using Trusted_Connection option in connection string so that not have to specify credentials and communicate as logged in user. While communicating App server hits with below error, IIS app was configured with default AppPoolIdentity –
System.Data.SqlClient.SqlException: Login failed for user ‘DOMAIN\MACHINENAME$’.
I read couple of blogs/forums and came across Root cause – NETWORK SERVICE and LocalSystem will authenticate themselves always as the corresponding account locally (builtin\network service and builtin\system) but both authenticate as the machine account when try to connect remotely. Same was happening in my case.
To resolve this I have to change Authentication mode. My database connection is in Windows Authentication mode. So I resolved it by simply changing the Application Pools Identity from ApplicationPoolIdentity to my domain log in credentials DomainName\UserName
- Click on Application Pools
- Select Name of your application
- Go to Advanced Setting
- Expand Process Model and click Identity. Click three dot on right end.
- Click Set… button and Provide your domain log in credentials.
This resolved my issue. Please share if this work for you ?