Re: Integrated Security with Remote Server

From: Karl Levinson [x y] mvp (levinson_k_at_despammed.com)
Date: 07/23/03


Date: Wed, 23 Jul 2003 12:58:19 -0400


Um, not sure I completely understand the setup, but try enabling auditing to
see which account is being used to authenticate?

http://securityadmin.info/faq.htm#auditing

It could be that IIS is using your personal account while your out of
process applications are using the IWAM account?

http://securityadmin.info/faq.htm#iwam

"howard" <hward@utvgroup.com> wrote in message
news:031601c35079$1cdbfd30$a101280a@phx.gbl...
> I have seen a lot of discussion of issues related to my
> question on various newsgroup threads, but can't find the
> specific answer I need.
>
> I'm developing an ASP.NET application that will run behind
> our corporate firewall. It uses integrated Windows
> authentication determine whether a user is allowed to
> access various functions in the Web application. Normally,
> IIS and SQL Server run on the same computer. SQL Server
> Authentication is not enabled. Nor do we use
> Impersonation. Instead, we give SQL Server login privilege
> and database access to the local ASPNET account.
>
> One complication is that the Web application spawns out-of-
> process worker processes, and these also must access the
> SQL database.
>
> All this works OK.
>
> For debugging, I would like to connect to a remote SQL
> server instead. If I enable Impersonation and assign my
> personal account prvileges on the remote database, the the
> Web application can access the remote database, but the
> worker process cannot.
>
> One solution would be to use SQL Server Authentication.
> But, there must be a pure Windows Authentication solution
> also. What would that be?
>
> An acceptable solution for debugging would be to start IIS
> logged in under my personal account. Is there a way to do
> this?
>



Relevant Pages

  • Re: Basic Authentication fails with Error 401.2 where Integrated s
    ... I didn't realise the Web Sites folder in IIS manager threw up a global ... sure that Basic Authentication is allowed to function on your server. ... ACCOUNTNAME, this is the account that I am trying to grant access to: ... Account: COMPUTERNAME\ACCOUNTNAME Access type: FULL ...
    (microsoft.public.inetserver.iis.security)
  • Re: Basic Authentication fails with Error 401.2 where Integrated s
    ... On the IIS directory security tab, anonymous access is disabled, digest ... authentication is disabled, integrated authentication is disabled and basic ... account created has full permissions for the folder and the file that's in it. ...
    (microsoft.public.inetserver.iis.security)
  • Re: Basic Authentication fails with Error 401.2 where Integrated s
    ... Just as a check I used NET USER /ADD on my test account and as expected ... The password dialog is supposed to appear for Basic authentication ... Thinking more esoterically now -- what are the login rights assigned ... IIS uses a specific login type, ...
    (microsoft.public.inetserver.iis.security)
  • Re: IIS 5 Authentication problem- solved
    ... Tom Kaminski IIS MVP ... Can you log in using an administrator account, ... >> Subject: Re: IIS 5 Integrated Windows Authentication ... >> case there is no group, it is just the one server, ...
    (microsoft.public.inetserver.iis.security)
  • Re: IIS 6 fails anonymous connection
    ... It sounded like you configured sub-authentication, which on prior IIS ... The reason that you have to have Integrated authentication enabled along ... so there is some sort of configuration problem specific to ... The resources must also be ACL'd for this user account or else you will get ...
    (microsoft.public.inetserver.iis.security)