We Keep Coding

ColdFusion 2016 Login failed for SQL Server database

Using ColdFusion 2016 and MS SQL Server Express 2016
I got past the first connection error by turning on TCP/IP and IPALL and setting the port to 1433.
I have SQL Server set to mixed authentication.
ColdFusion Administrator Server: Localhost Port: 1433
Username and password left blank. In SQL Server, the owner is Administrator, the account used to set up SQL Server and ColdFusion.
Now I can't get past the error:
Cannot open database "xxx" requested by the login. The login Failed.
Any suggestions?

I would add a new user for the database.
Go to the database, then go to security, then add the new user.
Make the new user have admin rights to the database.
Located under: Security>Logins>right click user go to properties
Then click user mapping and make sure they are assigned as a admin for this database.
To limit rights later, you may want to remove admin rights, but try that at first to get it working.

Dynamics NAV service Tier - login failed for ANONYMOUS LOGON

I am setting up a service tier for MS Dynamics NAV 2009, but am unable to connect due to a login failure.
Login failed for user 'DOMAIN\ANONYMOUS LOGON'. Reason: Token-based server access validation failed with an infrastructure error. Check for previous errors.
Error: 18456, Severity: 14, State: 11.
I have the following servers:
SQL Server: sql-dev
Dynamics service tier: dynamicsService
The SQL and Dynamics services are both running under the same domain account.
I have four spns setup:
MSSQLSvc/sql-dev.mycompany.com:1433
MSSQLSvc/sql-dev:1433
MicrosoftDynamicsNAVServer$Dev/dynamicsService.mycompany.com:7046
MicrosoftDynamicsNAVServer$Dev/dynamicsService:7046
Finally, I have Delegation setup for the domain account for both the Dynamics and SQL service. This looks to be the correct setup according to the MS documentation, but it is not working. Any thoughts to where I have gone wrong? Thanks.

Just setting SPNs is not enough. Service Account of SQL Server and Dynamics NAV Service Tier are important. Also their permissions, enabling the Object Change Listener and delegating Access to the SQL Server Service.
If you did all the setup described in this MSDN Article Walkthrough: Installing the Three Tiers on Three Computers, it should work. I did 60+ Setups of NAV 2009 Service Tier that way in the past.
Unfortunately, Delegation Setup in Dynamics NAV 2009 is complex. I suggest get help from Microsoft Support if you are Microsoft Partner or get help from your Dynamics NAV Partner if you are a customer.

Office 365 forbidden 403

When I try to access Office 365 Group Connectors, either in the Outlook web or via Teams app, I receive an error message similar to the one below. Is there some permission missing from my account that prevents me from using connectors?
:-(
Something went wrong.
Message=The remote server returned an error: (403) Forbidden.:ErrorDetails=Operation=GetJoinedGroups:HttpStatusCode=Forbidden:ErrorCode=ErrorAccessDenied:ErrorMessage=Access to OData is disabled.:InnerErrorType=:InnerErrorMessage=:CorrectiveAction=NoAction
RequestId: 2988daef-51e0-4ccb-9145-109b0f806bf8
Server: DM5PR02MB2409
Date: 2016-11-17 16:10:36 -0600

Please escalate this issue to Office 365 Support. This is related to a setting your Tenant Admin has configured.

Authorization and impersonation from ASP.NET application to Dynamics CRM web service

I have a problem about IIS configuration, so at least I think.
I have two different servers, in one of them are installed Microsoft Dynamics CRM 2011, on the second server I have ASP.NET application who talks with Microsoft Dynamics CRM 2011 web service. The problem is there, that I can't configure ASP.NET application.
Application has needed to work in the following:
I open ASP.NET Application who are enabled windows authorization
I login with Active Directory user, which at the same time, is user in Dynamics CRM 2011 system
When I am logged in, application start sending requests to Dynamics CRM web service with the same credentials that I am logged in
Now my configuration is that - enabled Windows authorization, enabled ASP.NET impersonation, application pool run as network service.
Problem is that when I open this application on ASP.NET server by adress localhost they automaticali get credentials with what I am logged in to this server, it's ok, but when I try to open application by address some-hostname.com they requre login, that is also ok, but when I logged in and application start send requests to Dynamics CRM web service. CRM web service response with 401 unauthorize,infer from this that there are problems with credentials who came from IIS.
I try to install and configure this ASP.NET application on the same server where hosts CRM server, there everything works fine.

What you're seeing is the double hoprestriction.
The credentials of the client cannot be forwarded from your ASP.NET application web server to CRM Server unless you configure delegation. For this your AD must already be set up for Kerberos authentication.
Your code will be attempting to connect to CRM using the Application Pool identity. You could configure this as a user within CRM and then use CRM impersonation (nothing to do with Kerberos or AD) by setting the CallerID on the proxy to the guid of the originating user (you'd have to make a call into CRM to get this). There's information about how to do this in the SDK docs.

For an ASP.NET app to impersonate a logged in user, especially from a fully-qualified domain name, you'll need to configure two things.
The App Pool identity for your ASP.NET application. Is this running as Network Service or as a specific user? The identity running the application must be "enabled for delegation." This is an option in Active Directory for that user account. If your application is running as Network Service, you'll want to enable delegation on the Computer account in AD instead of an user account.
The SPN (service principal name) for the application domain. A SPN is kind of like DNS for authentication, and is required for impersonation. If you are just using the machine name (e.g. http://server/app) AND you are using Network Service as the identity, you won't need to configure a SPN because one is set up by default for you when the server joins Active Directory. However, if you use a specific user account for the ASP.NET identity OR you want your users to use a fully qualified domain name (e.g. http://www.server.com), you'll need to tell Active Directory about this, and you do that using a SPN. Your Active Directory administrator should be familiar with SPNs and the setspn.exe command.
Please note that you may need to add a SPN for your CRM server as well, since it is just another ASP.NET application too. You should only need to do this if your internal CRM site is using a user account as the Identity OR you access the internal CRM using a fully-qualified domain name, just like your custom ASP.NET app.
Hope that helps!

401.2 error only with Anonymous Access

I have a web service which the home page is displayed and runs if I turn on Integrated Windows authentication. Now if I turn that off and Anonymous Access is on I can not even get to the wsdl page. I get the error
Access is denied.
Description: An error occurred while accessing the resources required to serve
this request. The server may not be configured for access to the requested URL.
Error message 401.2.: Unauthorized: Logon failed due to server configuration.
Verify that you have permission to view this directory or page based on the
credentials you supplied and the authentication methods enabled on the Web server.
Contact the Web server's administrator for additional assistance.
Version Information: Microsoft .NET Framework Version:2.0.50727.3625; ASP.NET
Version:2.0.50727.3634
The IIS I am working with is 5.1
I gave IUSER access to the directory, full control for now.
I am out of ideas. Thank you for your help

The root cause of this issue had to do with the website requiring Windows Authentication but the switch for HTTP-keep alive in the IIS Manager was unchecked.