Re: Kerberos / Authentication to SQL2K

From: Paul Mason (masonp_at_cancer.bham.ac.uk)
Date: 07/14/04 

Date: Wed, 14 Jul 2004 14:38:49 +0100

Please ignore my previous post....I have finally discovered the madness of
the situation. From the help in visual studio :

"If your application runs on a Windows-based intranet, you might be able to
use Windows integrated security for database access. Integrated security
requires:
  a.. That SQL Server be running on the same computer as IIS. "
Err what!?!....Are they mad? This breaks all the rules of good development,
appart from being about a dangerous as you can get. The mere suggestion of
this is so stupid that I completely overlooked it. Even when I spotted it I
had to read it several times to get over the shock.

Does anyone know when they are going to create a proper system for
authenticating users to SQL server? Is it likelly to happen in Whidbey?

Cheers...P

"Paul Mason" <masonp@cancer.bham.ac.uk> wrote in message
news:uAcX5KZaEHA.2364@TK2MSFTNGP10.phx.gbl...
>
> Hi folks,
>
> I thought I'd got this sorted, but apparently not.
>
> Everything in the documentation indicates that setting the IIS settings to
> use integrated logins and changing my authentication mode in web.config to
> windows would be all I needed to do. It didn't want to know the
> authentication until I switched on impersonation either.
>
> Thus my web.config has
>
> <authentication mode="Windows"/>
> <identity impersonate="true"/>
>
> When ia had it setup on my local machine, it authenticated OK (which it
> didn't before when in an NT domain).
>
> When set up on my web server however, I get the "Login failed for user
> '(null)'. Not associated with a trusted login" error, whenever I access a
> page that needs to authenticate to my SQL server.
>
> Each machine (web server, sql server, workstations) are in an active
> directory domain.
>
> I thought kerberos sorted this all out?? I have no intention of using
> impersonation...I'd rather stick to forms authentication.
>
> Any ideas??
>
> Cheers...P
>
>

Relevant Pages

  • Re: Windows Authentication in asp.net 2005 to SQL Server?
    ... If the domains do not trust each other, Windows authentication is not going ... Basic authentication sometimes makes the need for Kerberos delegation go ... generic account to do the backend data stuff on our SQL Server. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Remote connection failed
    ... If you are going over a remote connection or are not logging ... into the domain where SQL Server is then no, Windows ... authentication won't work. ...
    (microsoft.public.sqlserver.connect)
  • Windows Authentication with IIS on separate machines
    ... Yes, setting Basic Authentication in IIS works, but the ... >in SQL server but doesn't work if user account was ... >imported from a Windows account. ...
    (microsoft.public.sqlserver.security)
  • Re: Login failed for ServerGuest
    ... I think it is not a limitation in Windows 2000. ... access SQL server on Win2000 server by using Windows authenctication if I ... | I have noticed that when I try to log in using Windows Authentication ...
    (microsoft.public.sqlserver.connect)
  • Re: server authentication & ASP authentication
    ... on to the client workstation with an authorized Windows account. ... SQL Server with Windows authentication. ...
    (microsoft.public.sqlserver.security)