Re: Constrained Delegation Problem: SQL partially delegated
- From: "Ken Schaefer" <kenREMOVE@xxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 21 Nov 2006 01:48:35 -0000
Glad you got it working. Kerberos service tickets are based on the SPN (as
you have discovered). the SPN contains a name (NetBIOS, FQDN etc) only. It
does not differentiate between server technologies (e.g. ASP and ASP.NET
pages) for example. If your ASP page is working fine, but your ASP.NET one
isn't, then something else is the matter.
Cheers
Ken
--
My IIS Blog: www.adOpenStatic.com/cs/blogs/ken
"JimLad" <jamesdbirch@xxxxxxxxxxx> wrote in message
news:1163783113.460418.276160@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Apologies! Turns out my ASP code was pointing at one db server and
asp.net was pointing at a different db server. Sorry!!
James
JimLad wrote:
Hi,
I have set up delegation and IT WORKS to link through to a back end SQL
server.
However for security reasons I want to limit the services that can be
delegated to to MSSQLSvc on the db server. An SPN has been set up for
the SQL server account on port 1433.
When I swap to constrained delegation a simple asp page with ADO still
works, but my main app doesn't. The technologies used are ASP.NET 1.1
(ADO.NET), ASP (ADO), and SQLXML virtual directory.
I assume that either I need to enable another port or add another
service. Can someone enlighten me?
Cheers,
James
.
- References:
- Prev by Date: Get certificate expiry date.
- Next by Date: Re: Virtual Directory to a remote UNC not working properly
- Previous by thread: Re: Constrained Delegation Problem: SQL partially delegated
- Next by thread: "Failed to access IIS metabase" after installing Windows XP Pro
- Index(es):
Relevant Pages
|
