Re: NT Authentication in SQL 2K - very urgent!!!

From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 03/16/04 

Date: Mon, 15 Mar 2004 22:41:07 -0700

Your middle tier components need to impersonate the
identity of their client in order to the Windows integrated
authentication to SQL to work when the middle tier connects. 

-- 
Roger Abell
Microsoft MVP (Windows Server System: Security)
MCSE (W2k3,W2k,Nt4)  MCDBA
"Sandy" <sandy_call@yahoo.com> wrote in message
news:9150A1A1-89D1-48FD-9F3D-550EEF81D20D@microsoft.com...
> Hi,
> I have a n-tier architecture with COM+ components(Business layer and data
access layer running in Windows 2000) and a VB client(presentation layer)
and SQL2k (running in Windows 2000). I have NT authentication to connect to
SQL 2000 and I have permissions of tables assigned to specific groups/users
of the Domain.
>
> Requirement:
> There should not be any sign-in provision that should be required from the
client side (I have to use the NT authentication)
>
> Problem:
> Once I get the userid using the GetUser API from the client, how can I
authenticate with that to SQL?
>
> In the connection string OLEDB, the sttribute used is ...Integrated
Security=SSPI ; Security Info = True; User ID = "ABC" , when I use this in
the COM+ component (The data access layer), the default userid of the COM+
server is used and not the userid of the client machine.
>
> Is there anyway I can forward the NT user name fetched from the client
machine to get authenticated with SQL2k? If yes then how can one I get the
password from the client machine ?
>
> I know that you can call into SSPI API to delegate a user token from one
computer to another, infact the SQL driver does this. But is there any other
easier way?
> Somebody please help!!!
>
> Thanks
>
>
>
>
>
>

Relevant Pages

  • Re: Login failed for ServerGuest
    ... I think it is not a limitation in Windows 2000. ... access SQL server on Win2000 server by using Windows authenctication if I ... | I have noticed that when I try to log in using Windows Authentication ...
    (microsoft.public.sqlserver.connect)
  • RE: How to start/stop windows service on a remote machine?
    ... impersonate the client user(authenticated via integrated windows ... authentication in IIS) and access some remote protected resource(windows ... the problem you meet is a typical windows ... want to continue access other remote machine, ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: SP1 und Netzwerkauthentifizierung 802.1x
    ... Es gab mal ein Problem wenn das Client Certificat ... 953650 You cannot connect to an 802.1X wired network after you upgrade to Windows XP Service Pack 3 ... 838502 802.1x client authentication fails when you connect to a Windows Server ... IAS Best Practices: ...
    (microsoft.public.de.windows.vista.installation)
  • Re: Windows Authentication to SQL Server?
    ... oranges in trying to convert an asp.net app which uses forms authentication ... mode throughout the app with one SQL login account into SQL Server versus ... converting the asp.net app into a full individual Windows authentication ... Ultimate goal would be to see the individual windows ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: Integrated Authentication (Kerberos) Problem
    ... Verify the SPN for the SQL service account is registered such as the ... >Thread-Topic: Integrated Authentication Problem ... A Windows XP SP1 with IE6 client machine ...
    (microsoft.public.inetserver.iis.security)