Re: SQL Integrated Security in .NET1.1

From: Cowboy \(Gregory A. Beamer\) (NoSpamMgbworld_at_comcast.netRemuvThis)
Date: 06/26/03 

Date: Thu, 26 Jun 2003 13:04:32 -0500

<identity impersonate="true" userName="domain\username"
password=password"/>

unless you have a domain user called "username" you have your problem
identified. Impersonation where you want to impersonate the user logged in
requires two things.

1. Get rid of the userName attribute
2. Make sure the user is logged in (get rid of anon access, or set ACLs on
specific files -- or programatically handle it). 

-- 
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
Author: ADO.NET and XML: ASP.NET on the Edge
****************************************************************************
****
Think Outside the Box!
****************************************************************************
****
"basin" <basingley@yahoo.com> wrote in message
news:086b01c33bfb$fee0c7c0$a001280a@phx.gbl...
> I have a developer trying to run her app on my server
> using sql integrated security. I am getting this error on
> the home page:
> Parser Error Message: Could not create Windows user token
> from the credentials specified in the config file. Error
> from the operating system 'A required privilege is not
> held by the client.
>
> Here is my setup:
> In IIS, Anonymous and Windows Auth. is checked. The
> identity of the iisusr is changed to a domain account that
> is added to the SQL server.
> This line is in her web.config:
> <identity impersonate="true" userName="domain\username"
> password=password"/>
> Machine.config ProcessModel is changed to use "System"
> ASPNET account has "Act as OS" privileges.
> Here is the conn string she has in her global/asax:
> Application("Dem_ConnectionString")
> = "SERVER=ssqlServer;Database=myDatabase;Trusted_Connection
> =True;Integrated Security=SSPI;persist security
> info=True;Connect Timeout=120;"
>
> I got ALL of this from KB articles, but it STILL does not
> work...am I missing something??
> Thanks!!!
>

Relevant Pages

  • Re: Fax in an asp.net page
    ... Or more importantly, it is not a domain account, and cannot gain access to ... you did substitute for the real name of your ... password for your username and password. ... > the impersonation, look complecated for me, i didn't try it. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Windows 2000 client cant map network drive on windows server 2003
    ... the local username and/or password on the 2000 workstation that is used is ... different from both the xp pro local user and domain user; ... the local administrator account has password of admin ... when the batch file runs it uses the current credentials. ...
    (microsoft.public.windows.server.networking)
  • Re: Microsoft office tools behave badly after domain change/profile co
    ... Word and Excel not holding the username. ... added the domain user permission to the old ... > Outlook will not start at all. ...
    (microsoft.public.access.security)
  • Re: Sharing Drives
    ... There is one thing that can be done create a user account on each workgroup ... machine with the name username and password as the Domain user. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: GetFileSecurity return ERROR_ACCESS_DENIED
    ... > that launched Internet Explorer (a domain user). ... so it is executed under the account of the user ... > can't hard code all username and password. ...
    (microsoft.public.security)