Re: ASP.NET (IIS 6.0) Windows authentication/SQL Server problem

From: Chris Jackson (chrisj_at_mvps.org)
Date: 10/06/03


Date: Mon, 6 Oct 2003 15:59:49 -0400

How are you doing your authentication? The matrix here will explain what
credentials you are passing - note that you will want to pass a domain
account rather than a local account if you are authenticating to a different
machine.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetAP05.asp

-- 
Chris Jackson
Software Engineer
Microsoft MVP - Windows XP
Windows XP Associate Expert
-- 
"Nick Gilbert" <news@nickgilbert.com> wrote in message
news:uudoeyciDHA.1952@TK2MSFTNGP10.phx.gbl...
> Hi,
>
> On Windows 2000, I use the following connection string in my ASP.NET
> applications:
>
> <add key="ConnectionString" value="server=(local);Integrated
> Security=SSPI;database=knowledge" />
>
> I then created a login in SQL Server for the ASPNET/<machine name> user
and
> assigned it to a WWWUsers role. This meant that SQL Server automatically
> made requests from the website under the WWWUsers role. In IIS, I then
> removed anonymous access from the /admin/ folder on the website, which
then
> caused IE to prompt for a username and password. If I logged in as
> 'webadmin' and a webadmin login had been created on SQL Server for that
> database in the WWWAdmins role, then it would automatically run website
> queries by administrators under the WWWAdmins role.
>
> *HOWEVER*, under Windows 2003 Server (IIS6), this seems to be broken. It
> either doesn't prompt for a username and password, or if it does, it seems
> to ignore it completely and SQL Server still puts me in the WWWUsers role.
I
> have put the NETWORK AUTHORITY/NETWORK SERVICE user in the WWWUsers role,
> and the webadmin user (a valid Windows account) is still in the WWWAdmins
> role.
>
> Why is IIS 6 not behaving the same way as IIS 5.5 on Windows 2000? Have I
> made a mistake somewhere or is there a way to make it work in the same way
> as Windows 2000?
>
> Thanks,
>
> Nick Gilbert
>
>
>
>