Re: ASP.NET (IIS 6.0) Windows authentication/SQL Server problem

From: Chris Jackson (
Date: 10/06/03

Date: Mon, 6 Oct 2003 15:59:49 -0400

How are you doing your authentication? The matrix here will explain what
credentials you are passing - note that you will want to pass a domain
account rather than a local account if you are authenticating to a different

Chris Jackson
Software Engineer
Microsoft MVP - Windows XP
Windows XP Associate Expert
"Nick Gilbert" <> wrote in message
> Hi,
> On Windows 2000, I use the following connection string in my ASP.NET
> applications:
> <add key="ConnectionString" value="server=(local);Integrated
> Security=SSPI;database=knowledge" />
> I then created a login in SQL Server for the ASPNET/<machine name> user
> assigned it to a WWWUsers role. This meant that SQL Server automatically
> made requests from the website under the WWWUsers role. In IIS, I then
> removed anonymous access from the /admin/ folder on the website, which
> caused IE to prompt for a username and password. If I logged in as
> 'webadmin' and a webadmin login had been created on SQL Server for that
> database in the WWWAdmins role, then it would automatically run website
> queries by administrators under the WWWAdmins role.
> *HOWEVER*, under Windows 2003 Server (IIS6), this seems to be broken. It
> either doesn't prompt for a username and password, or if it does, it seems
> to ignore it completely and SQL Server still puts me in the WWWUsers role.
> have put the NETWORK AUTHORITY/NETWORK SERVICE user in the WWWUsers role,
> and the webadmin user (a valid Windows account) is still in the WWWAdmins
> role.
> Why is IIS 6 not behaving the same way as IIS 5.5 on Windows 2000? Have I
> made a mistake somewhere or is there a way to make it work in the same way
> as Windows 2000?
> Thanks,
> Nick Gilbert