Comments on: Strange Windows Authentication Behavior http://www.kerrywong.com/2009/07/30/strange-windows-authentication-behavior/ Fri, 12 Mar 2010 01:25:24 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Matt Neerincx (MSFT) http://www.kerrywong.com/2009/07/30/strange-windows-authentication-behavior/comment-page-1/#comment-45210 Matt Neerincx (MSFT) Sun, 31 Jan 2010 01:02:51 +0000 http://www.kerrywong.com/?p=1429#comment-45210 Yes, this is difficult behavior to explain but I can take a crack. If the SQL Server is a default instance and running on a non-standard port (not running on 1433), then tcp protocol will always fail. You have to specify the port for tcp. What happens next is the client provider will try named pipes protocol after tcp protocol fails. Named pipes uses a well known named pipe and will work as long as the thread of execution has sufficient NT security to perform SMB request to remote server. Depending upon how you configure ASP.NET security the named pipe can fail or succeed. Tcp is agnostic to NT security and will succeed as long as you supply the port. This applies to default instance, if it's a named instance client does not have to supply port the port is determined by running a UDP 1434 lookup. Yes, this is difficult behavior to explain but I can take a crack.

If the SQL Server is a default instance and running on a non-standard port (not running on 1433), then tcp protocol will always fail. You have to specify the port for tcp. What happens next is the client provider will try named pipes protocol after tcp protocol fails. Named pipes uses a well known named pipe and will work as long as the thread of execution has sufficient NT security to perform SMB request to remote server.

Depending upon how you configure ASP.NET security the named pipe can fail or succeed. Tcp is agnostic to NT security and will succeed as long as you supply the port.

This applies to default instance, if it’s a named instance client does not have to supply port the port is determined by running a UDP 1434 lookup.

]]> By: Rich http://www.kerrywong.com/2009/07/30/strange-windows-authentication-behavior/comment-page-1/#comment-35830 Rich Fri, 31 Jul 2009 03:23:55 +0000 http://www.kerrywong.com/?p=1429#comment-35830 So I assume it's still working? That sure was weird and I agree not so satisfying since the "fix" didn't make a whole lot of sense. In retrospect, we could have tried running SQL Server Profiler to see if a connection was actually being made or ask the network guys to run a sniffer trace if it really got bad. So I assume it’s still working? That sure was weird and I agree not so satisfying since the “fix” didn’t make a whole lot of sense. In retrospect, we could have tried running SQL Server Profiler to see if a connection was actually being made or ask the network guys to run a sniffer trace if it really got bad.

]]>