Re: IIS & SQL Issues

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: S. Justin Gengo (sjgengo_at_aboutfortunate.com)
Date: 04/17/04

• Next message: Maya Young: "Re: Use C# to operate a mobile device"
• Previous message: Cowboy \(Gregory A. Beamer\): "Re: vb.net and c# together"
• In reply to: TipTop: "IIS & SQL Issues"
• Next in thread: Chris Botha: "Re: IIS & SQL Issues"
• Messages sorted by: [ date ] [ thread ]

---

Date: Sat, 17 Apr 2004 16:01:40 -0500

Ok, you've misunderstood what integrated authentication is.

When the integrated authentication check box is the only box checked on a
web site that means that only computer accounts created on the server that
have been given access to the folder the web site files are stored in may
run the website.

When you are using windows authentication in conjunction with sql server
here is what you should do:

1. Create an account on the server (or domain) which is specifically for
the web site to use.
2. In IIS right click on the web site and choose properties and then
click on the directory security tab. Click on the Edit button. Now LEAVE the
anonymous access checkbox checked. Click the Browse button. Set the web site
to run under the account you created for it.
3. In Sql Server add the same account you created for the web site to run
as to sql server and give that account the appropriate permissions to the
database.
4. Set the site to use the account the web site is running for accessing
the database by placing the tag:
<identity impersonate="true" /> into the web.config file

-- 
Sincerely,
S. Justin Gengo, MCP
Web Developer / Programmer
www.aboutfortunate.com
"Out of chaos comes order."
                            Nietzsche
"TipTop" <aburley@speakeasy.net> wrote in message
news:et1380pg1ivehmmehhn9s1ibr3kvnlvbmn@4ax.com...
> I am trying to use integrated  Windows authentication and
> impersonation to run a page that accesses SQL Server via integrated
> security. It's not working -- sort of.   I've set IIS security to
> integrated Windows authentication (and unchecked the other options).
> I've set the web.config to use Windows authentication and set
> impersonation to true. The connection string includes Integrated
> Security = SSPI.  And it works... if you access the page from the same
> machine. If you call the page over the network (even when logged in
> under the same Windows account as when on the server), it fails with
> the "Login failed for user '(null)'" error.   I display the results of
> Environment.UserName on the page (commenting out the sql connection
> code so that it will run when calling it over the network), and in all
> cases it shows the correct username. (I call the page over the network
> and sure enough it displays my account name.)
>
>

---

• Next message: Maya Young: "Re: Use C# to operate a mobile device"
• Previous message: Cowboy \(Gregory A. Beamer\): "Re: vb.net and c# together"
• In reply to: TipTop: "IIS & SQL Issues"
• Next in thread: Chris Botha: "Re: IIS & SQL Issues"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > DotNet  > microsoft.public.dotnet.framework.aspnet  > 2004-04