Utter madness!

From: Paul Mason (masonp_at_cancer.bham.ac.uk)
Date: 07/14/04

• Next message: Joe Kaplan \(MVP - ADSI\): "Re: Access File Share from ASP.NET using Unmanaged Code"
• Previous message: Paul Mason: "Re: Configuring FormsAuthentication from code"
• Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Utter madness!"
• Reply: Joe Kaplan \(MVP - ADSI\): "Re: Utter madness!"
• Reply: Raterus: "Re: Utter madness!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 14 Jul 2004 14:47:10 +0100

I think i've been getting my groups mixed up.

I've been trying to get my intranet system to authenticate to SQL server
(2K) using a trusted connection for some time and have had to wait until we
upgraded to Active directory for kerberos to start working (I'm not 100%
sure it's kerberos so bear with me).

Now I've hit the final brick wall which means this isn't ever gonna happen
in the current setup. It finally twigged (dropped like a tonne of lead more
like) when I read in the help :

"If your application runs on a Windows-based intranet, you might be able to
use Windows integrated security for database access. Integrated security
requires:
  a.. That SQL Server be running on the same computer as IIS...... "
I can't believe that someone from MS actually wrote this. Are they
mad?...IIS and SQL server on the same machine....hackers paradise! Appart
from being plain dangerous, it's bad networking practice, bad programming
practice...it's just bad.

Does anyone know if they are actually going to write something useful...or
are we stuck with forms authentication forever!?! Not that I'm complaining.

Cheers...P

• Next message: Joe Kaplan \(MVP - ADSI\): "Re: Access File Share from ASP.NET using Unmanaged Code"
• Previous message: Paul Mason: "Re: Configuring FormsAuthentication from code"
• Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Utter madness!"
• Reply: Joe Kaplan \(MVP - ADSI\): "Re: Utter madness!"
• Reply: Raterus: "Re: Utter madness!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Novell eDirectory: Will it work with SQL Server integrated security? ... Can you use Novell eDirectory to authenticate against a SQL Server using integrated security? ... Chuck ... (microsoft.public.sqlserver.security) Please explain loss of token between web server box and sql box ... relating to Integrated Security with Asp.Net IIS 5 and Sql Server 2k. ... The problem arises when endeavouring to use Integrated Security at all ... grant the group Sql Server access and rights to the relevant database. ... (microsoft.public.dotnet.framework.aspnet.security) Re: Connecting to a sql server database ... You are trying to use integrated security in your app (as is shown in the ... line numbered code where the connection string is shown). ... sql server, hence integrated security fails. ... > causing the error message and what the correction for this. ... (microsoft.public.dotnet.general) Re: Active Directory and SQL Server Connection ... when you say that you intend to use integrated security, ... creating a WindowsIdentity and calling Impersonate on that. ... > Thanks Sahil, ... so they have access to the sql server. ... (microsoft.public.dotnet.framework.adonet) Re: Please explain loss of token between web server box and sql box ... The client user principal is a W2K AD domain member, the users accounts must be set up as "delegatable" in the AD. ... The IIS server's "machine account" is trusted for delegation in the AD. ... The SQL server SPN must be registered in the AD, or must run under "localsystem" identity. ... > relating to Integrated Security with Asp.Net IIS 5 and Sql Server 2k. ... (microsoft.public.dotnet.framework.aspnet.security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint