.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

Logon Failure Security Event 534 and Impersonation

Posted By:      Posted Date: October 04, 2010    Points: 0   Category :ASP.Net

I have an app that uses impersonation to gain access to a database (on server separate from IIS).  The app connects to the database using a trusted connection and seems to be working just fine.  However, we get these logon failure events in the security event viewer:

Event Type:	Failure Audit
Event Source:	Security
Event Category:	Logon/Logoff 
Event ID:	534
Date:		9/27/2010
Time:		7:49:06 AM
Computer:               XXXXXXXXXX
Logon Failure:
 	Reason:	The user has not been granted the requested
 		logon type at this machine
 	User Name:	pticket
 	Domain:		YYY
 	Logon Type:	5
 	Logon Process:	Advapi  
 	Authentication Package:	Negotiate
 	Workstation Name:	XXXXXXXXXXXXXXX
 	Caller User Name:	NETWORK SERVICE
 	Caller Domain:	NT AUTHORITY
 	Caller Logon ID:	(0x0,0x3E4)
 	Caller Process ID:	5960
 	Transited Services:	-
 	Source Network Address:	-
 	Source Port:	-


It must have something to do with impersonation because the login failure is for the domain account which my app is impersonating under.  But again, the app is working fine so I'm having a hard time figuring out how to stop these logon failures.

Please advise on how to tackle this.  Thanks in advance to all who reply!

View Complete Post

More Related Resource Links

Security Briefs: Improve Manageability through Event Logging


When something goes wrong, a manageable application will tell the administrator how to fix the problem. The Windows Event Log can provide the necessary information.

Keith Brown

MSDN Magazine April 2007

Failure Message Object WSS_Content_MyActiveSite failed in event OnBackup




Hey Guys,

I am hoping you can help me with my backup issues.  I am currently trying to run a backup and I keep getting the same error message (whether it is a full, farm, or differential).


For this example I am just trying to backup my active site and i get the following error message.


Object WSS_Content_MyActiveSite failed in event OnBackup. For more information, see the spbackup.log or sprestore.log file located in the backup directory


when I check the log, i get the following information:


10/6/2010 1:36:35 PM] Verbose: Starting OnBackup event.
[10/6/2010 1:36:35 PM] Verbose: Starting object: SharePoint - My Active Site.
[10/6/2010 1:36:36 PM] Verbose: Starting object: WSS_Content_MyActiveSite.
[10/6/2010 1:36:36 PM] Progress: [SharePoint - My Active Site] 50 percent complete.
[10/6/2010 1:36:36 PM] Verbose: Starting object: job-workflow-failover.
[10/6/2010 1:36:38 PM] Progress: [job-workflow-failover] 50 percent complete.
[10/6/2010 1:36:38 PM] Verbose: [WSS_Content_MyActiveSite] SQL Server Connection String: Data Source=SV03MIS017\SHP1;Initial Catalog=WSS_Content_MyActiveSite;Integrated Security=True;Enlist=False;Connect Timeout=15.
[10/6/2010 1:36:38 PM] Verbose: Starting object: ExpirationProcessing.

Impersonation Security Effectiveness?



I was learning about the T-SQL Execute AS impersonation ability and something seems to be going over my head. I have a SQL Account say SQLWeb that I give access to DbaseA. SQLWeb runs DbaseA.DBO.sp_GetData. This sp calls DbaseB.dbo.usp_GetData. Since SQLWeb does not have access to DbaseB this fails. SQLOverlord does however have acces so I grant Impersonate SQLOverlord to SQLWeb. Well in effect what have I accomplished? SQLWeb now can exec sp's on Dbase2 so why go through the hassle. So I know there has to be a reason it's just not clicking in my pea brain.

Thank You


Logon failure for user DOMAIN\servername$. [Client xxx.xxx.xxx.xxx]

My SQL Server 2005 is logging repeated EventID 18456 Category 4, Severity 14 State 11.  This would indicate that the login is valid but server access failed.  A trace showed that the failure is occuring on an attempted login to the Master database.  According to the error message the login attempt is not coming from a database user, it is coming from the server itself, as servername$.  That is, say the server is named Paris on domain MYDOMAIN.  The user login that is failing would be MYDOMAIN\Paris$.  The client IP address is the IP address for the server named Paris.  I don't know what it means and I don't know what to do about it.  The Paris server does host an application that uses a database on the SQL Server but that application is running fine.
Terry Smith

The service did not start due to a logon failure


Hi all,

I'm having some severe problems with the sql server service account on a cloned VM. When I try to change the service account through sql server configuration manager I get the following error message:

Here is some background info:

  • this is a VM, Win 2008 R2 Std
  • the VM was recently cloned 
  • A clean SQL Server 2008 was upgraded to R2 *before* the clone process
  • The machine is in an AD domain, the account is a new, empty domain account
  • The sql server service is able to start with the Local System and the AD service account that was used before the cloning...
  • ...no other accounts work, not even a domain admin account

I was able to find this article but it refers to a domain controller and the services are not the same:


'IIS' & 'Kerberos' + SQL Login Failure for user 'NT AUTHORITY\ANONYMOUS LOGON'


Hi all,

Have spent hours and hours trying to work out what is goin on with this issue and i still cant figure it out.

Hopefully someone here will be able to help.

A few details to start with...

Win Server 2003 x64

SQL Server 2008

SQL RS 2008


Server A

SQL Server

Reporting Services


Server B

Reporting Services


Server B is scaled out and joined to reportserver DB of Server A.

ASP on both servers. Some apps only run on server B

Server B IIS workgroup ID is running under a domain account.


Kerberos Authentication is enabled.


I am showing intermittant errors in the RS logs stating that a connection cannot be made to a particular database, using login 'NT AUTHORITY\ANONYMOUS LOGON' even though anonymous logons are disabled in IIS.


SQL Server logs state this error as....

Date        19/05/2011 11:11:36
Log        SQL Server (Current - 19/05/2011 11:11:00)

Source        Logon

Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. Reason: Token-based server access

SharePoint Tutorial - Security

Security in SharePoint is comprised of users, groups and roles.

Users, Groups and Roles

A user account comes from the authentication system. For example, if Active Directory is used to authenticate then the user accounts will come from it.

There are two types of groups SharePoint uses: domain groups and SharePoint groups.

Radio Button Event

Here I have explained the events of radio button with javascript.
Let me explain the scenarion first,
We are having two radio button say radioobtn1 and radiobtn2. If I click on the button 1 then I need to show one DIVor FORM. same as when I click on radiobtn 2. I have given the code for the above scenarion.

Asp.net web site security database


Hello all, I'm new to asp.net and I'm currently practising some few stuffs. I'm creating a hotel reservation system using ASP.net Web site in visual studio 2008 and I currently don't have an App_Data in my solution explorer unlike visual web developer.

1. I have planned to make users of the website login before making their reservations.

2. I have also planned to develop the website such that I will be able to know all reservations made by each user.

First and formost, I will like to know how I can access/View the security database?

Secondly, how do I link my custom made reservation database and the security database in order to achieve my second plan above.?

Someone help me.

Thank you.

how to impose javascript event processing?


If I have some form control like textbox and I want the event handler to be located in the html instead of at the server side, how to do that? Of course I can copy paste javascript code in the aspx file. But is it possible to do that using some object oriented approach (ie programmatically in the code behind)?




hello i have the following problem

i have upload my content to hosting server but i get the following error

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[SecurityException: Request for the permission of typ

Dropdown Event (Template Field)



I have grid view control that includes a dropdown control in a template field.

I wish to execute some code when the value is changed in the dropdown list.  Can't figure out how to capture this event though?

Any suggestions?

System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPerm


Good Day all,

Having an issue with an outside user accessing my IIS7 box. I do not have this problem when running the website from my host machine. I found this post: Http://forums.asp.net/t/1371394.aspx. I assure you that this is not a solution because I am not storing any of my files on a network share. 

What do you think my approach should be. 

I already have read rights to IIS user to my BIN folder. 

Thanks for the help. 

XBAP Security


We have a small XBAP file upload app that we are having trouble deploying. We were getting security errors when we were pushing this application that we don't get when running in our development environments on our machines. We gave the XBAP app full permissions and still got errors. Then we created a personal certificate and were able to get this to work. But that means we have to load a client side certificate for each and every machine that wants to run this which is ridiculous. Does anyone have a solution for this?

Intranet Users Challenged When Using Windows Integrated Security


We've setup an intranet site using Windows Integrated Security. Its up and running and users can access it. However, they are being challenged with a login dialog for the server when they initially access the site.

Isn't is possible to configure the server so that the users aren't challenged AND are recognized as being already authenticated by Windows? We're trying to go with a seamless experience, whereby all they have to do is login to their machine like normal and then go from there.

Wrong Account being used to access files - Help - No Impersonation


I run a simple .aspx website on a Windows Server 2008 machine.

There is NO impersonation, and System.Security.Principal.WindowsIdentity.GetCurrent().Name returns NT AUTHORITY\NETWORK SERVICE, which it the account which the application pool runs. In my web.config, I have <authentication mode="Forms">.


I tried to test the security of the application and server by removing file permissions to the .aspx files. I was greatly worried when the website continued to run without problem (it should not have been able to read the .aspx files).

By turning on file level auditing, I discovered that the .aspx files were being read by the machine$ account (if the machine is called Serv1, then the files would be read by the Serv1$ account, which seems to have access to all files on the local machine).


Is this a security breach or is this behaviour by design ?

Please can somebody assist, as I am worried.

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend