Re: Integrated Security with Remote Server

From: Karl Levinson [x y] mvp (levinson_k_at_despammed.com)
Date: 07/23/03


Date: Wed, 23 Jul 2003 12:58:19 -0400


Um, not sure I completely understand the setup, but try enabling auditing to
see which account is being used to authenticate?

http://securityadmin.info/faq.htm#auditing

It could be that IIS is using your personal account while your out of
process applications are using the IWAM account?

http://securityadmin.info/faq.htm#iwam

"howard" <hward@utvgroup.com> wrote in message
news:031601c35079$1cdbfd30$a101280a@phx.gbl...
> I have seen a lot of discussion of issues related to my
> question on various newsgroup threads, but can't find the
> specific answer I need.
>
> I'm developing an ASP.NET application that will run behind
> our corporate firewall. It uses integrated Windows
> authentication determine whether a user is allowed to
> access various functions in the Web application. Normally,
> IIS and SQL Server run on the same computer. SQL Server
> Authentication is not enabled. Nor do we use
> Impersonation. Instead, we give SQL Server login privilege
> and database access to the local ASPNET account.
>
> One complication is that the Web application spawns out-of-
> process worker processes, and these also must access the
> SQL database.
>
> All this works OK.
>
> For debugging, I would like to connect to a remote SQL
> server instead. If I enable Impersonation and assign my
> personal account prvileges on the remote database, the the
> Web application can access the remote database, but the
> worker process cannot.
>
> One solution would be to use SQL Server Authentication.
> But, there must be a pure Windows Authentication solution
> also. What would that be?
>
> An acceptable solution for debugging would be to start IIS
> logged in under my personal account. Is there a way to do
> this?
>