Re: SQL Integrated Security in .NET

From: Shel Blauman [MSFT] (sheldonb_at_online.microsoft.com)
Date: 06/26/03

  • Next message: basin: "Re: SQL Integrated Security in .NET" 
    Date: Thu, 26 Jun 2003 08:15:34 -0700

    Act as part of the operating system privilege (highly not recommended) is
    the usual cause for this message, but you already have that. Forwarding to
    the Aspnet.Security group which normally discusses these issues. 

    -- 
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
"basin" <basingley@yahoo.com> wrote in message
news:06de01c33bec$fa84e580$a001280a@phx.gbl...
> I have a developer trying to run her app on my server
> using sql integrated security. I am getting this error on
> the home page:
> Parser Error Message: Could not create Windows user token
> from the credentials specified in the config file. Error
> from the operating system 'A required privilege is not
> held by the client.
>
> Here is my setup:
> In IIS, Anonymous and Windows Auth. is checked. The
> identity of the iisusr is changed to a domain account that
> is added to the SQL server.
> This line is in her web.config:
> <identity impersonate="true" userName="domain\username"
> password=password"/>
> Machine.config ProcessModel is changed to use "System"
> ASPNET account has "Act as OS" privileges.
> Here is the conn string she has in her global/asax:
> Application("Dem_ConnectionString")
> = "SERVER=ssqlServer;Database=myDatabase;Trusted_Connection
> =True;Integrated Security=SSPI;persist security
> info=True;Connect Timeout=120;"
>
> I got ALL of this from KB articles, but it STILL does not
> work...am I missing something??
> Thanks!!!
>
  • Next message: basin: "Re: SQL Integrated Security in .NET"

    Relevant Pages

    • Re: Impersonation error "A required privillege is not held by the client"
      ... Try granting the user under which the process is running the "Act as part of the operating system" privilege. ... Regards ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Re: SQL Integrated Security in .NET
      ... Act as part of the operating system privilege is ... > identity of the iisusr is changed to a domain account that ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Re: error 1314: A required privilege is not held by the client.
      ... adding my domain account to the "Act as part of the operating" ... of adding my domain user account to the "Act as part of the operating", ... the operating system in the user rights policy. ...
      (microsoft.public.windowsxp.security_admin)
    • Unable to assign SeTcbPrivilege (SE_TCB_NAME)!?!?
      ... it seems the process token making the call to LogonUser ... "Act as part of the operating system" aka SeTcbPrivilege aka SE_TCB_NAME... ... I see that my process token still does not have the desired privilege ...
      (microsoft.public.security)
    • Unable to assign SeTcbPrivilege (SE_TCB_NAME)!?!?
      ... it seems the process token making the call to LogonUser ... "Act as part of the operating system" aka SeTcbPrivilege aka SE_TCB_NAME... ... I see that my process token still does not have the desired privilege ...
      (microsoft.public.win2000.security)