We're migrating an IIS/SQL Server site from 2008 to 2012, and I'm having a problem with authentication. We use Windows Authentication to authenticate as DOMAIN\COMPUTER$, but this isn't working, giving an error saying:
Login failed for user 'DOMAIN\COMPUTER$'. Reason: Could not find a login matching the name provided. [CLIENT: <local machine>]
I've verified that the account exists, and even deleted and recreated it
create login "DOMAIN\COMPUTER$" from windows
If I do it again, I get the response:
Msg 15025, Level 16, State 2, Line 1
The server principal 'DOMAIN\COMPUTER$' already exists.
(DOMAIN\COMPUTER is substituted for the real domain and computer name)
So it appears that the site is querying the SQL Server, but the SQL Server isn't looking at its logins very hard.
What have I missed?
Best Answer
It is most likely not the DOMAIN\computer$ at all. This message is known to be a misleading. I think all it wants is that "NT AUTHORITY\NETWORK SERVICE" be granted the server access. Open SQL Server login properties and add this account. Also, check what user is used in the IIS to impersonate anonymous user, it should be something like "IUSR_ServerName". Grant access to this user as well