Integrated Windows Security
From: Ashish Kumar (v-ashisk_at_microsoft.com)
Date: 12/30/03
- Previous message: David Wang [Msft]: "Re: Permanently turn off Integrated Windows Authentication?"
- Next in thread: Jeff Cochran: "Re: Integrated Windows Security"
- Reply: Jeff Cochran: "Re: Integrated Windows Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 30 Dec 2003 00:53:35 -0800
Hi All,
I am facing a challenge, the description is given below:-
For website security, IIS should have "Integrated
Windows" option Checked, Anonymous and Basic Unchecked
and SQL to work in Windows Authentication Mode only.
The implementation should comply with the Security Policy
Guidelines as stated below:
1) The SQL server should be Windows NT
authentication mode only.
2) The IIS (Authentication Methods) should
have "Integrated Windows authentication" Checked.
Note:
IIS and SQL Server are on different machines.
Now when any user accesses the application it results in
a "Login failed for user (null)" even if the User is
added to the SQL.
Perhaps the error is because IIS is not able to pass
credentials to the SQL as both are on different machines.
Where as a scenarios wherein IIS and SQL Server are on
same machine the credentials are passed without any
problem and the user gets authenticated.
In Code, web.config impersonate is set to true.
Is there any other configuration setting which needs to
be taken care off?
Any pointers, suggestions are welcome.
Thanks a lot
Regards
Ashish
- Previous message: David Wang [Msft]: "Re: Permanently turn off Integrated Windows Authentication?"
- Next in thread: Jeff Cochran: "Re: Integrated Windows Security"
- Reply: Jeff Cochran: "Re: Integrated Windows Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
