Login failure from asp.net delegation

From: p (abefuzzleduser2@yahoo.com)
Date: 08/13/02 

From: "p" <abefuzzleduser2@yahoo.com>
Date: Tue, 13 Aug 2002 14:31:50 -0500

We want to use windows 2000 User auth to query sql 2000 using security
groups that we have in place for an asp.net database page. I am trying to
setup delegation from iis to sql machine using integrated Auth. I have only
checked "Integrated Windows Auth" in IIS and have added this to web.config.
I have not added a login to the database since i thought it passes in the
entered credentials.
<authentication mode="Windows" />

<identity impersonate="true" />

The web page runs on my dev machine with iis local, db remote, probably
because I am am a domain admin. But when run the production IIS server I
get this error after having to enter my domain login information. Login
Failed for user anonymous user.

SQL Profiler shows that user="Anonymous Login" and login = "NT
authority/Anonymous Login" are trying to login to the database and fail. So
it looks like it is not sending my entered username to SQL ? Or does it
login using
ASPNET and then pass the user credentials?

I could not add the ASPNET user to sql logins from that local acct on IIS
machine.

If I fill in the anon IIS user with a domain acct/password, it does work.
The page is displayed but it does not seem to work with restricting user
access. It seems to let everyone in?

Thanks
P

Relevant Pages

  • Re: Logging in irrespective of database access
    ... Sysadmin role members have full permissions, ... SQL Server MVP ... > My problem is that in the Login section of Enterprise Manger I have to> specify that each login has the System Admin ticked under Server Roles> because in SQL 2000 there doesn't seem to a Grant All permissions option> like there used to be in SQL 6.5. ... > What's the point in having the Database Access section if the System Admin> under Server Roles allows you to get into anything?. ...
    (microsoft.public.sqlserver.server)
  • Re: Logging in irrespective of database access
    ... Sysadmin role members have full permissions, ... SQL Server MVP ... > My problem is that in the Login section of Enterprise Manger I have to> specify that each login has the System Admin ticked under Server Roles> because in SQL 2000 there doesn't seem to a Grant All permissions option> like there used to be in SQL 6.5. ... > What's the point in having the Database Access section if the System Admin> under Server Roles allows you to get into anything?. ...
    (microsoft.public.sqlserver.server)
  • Re: Logging in irrespective of database access
    ... Sysadmin role members have full permissions, ... SQL Server MVP ... > My problem is that in the Login section of Enterprise Manger I have to> specify that each login has the System Admin ticked under Server Roles> because in SQL 2000 there doesn't seem to a Grant All permissions option> like there used to be in SQL 6.5. ... > What's the point in having the Database Access section if the System Admin> under Server Roles allows you to get into anything?. ...
    (microsoft.public.sqlserver.programming)
  • Re: Logging in irrespective of database access
    ... Sysadmin role members have full permissions, ... SQL Server MVP ... > My problem is that in the Login section of Enterprise Manger I have to> specify that each login has the System Admin ticked under Server Roles> because in SQL 2000 there doesn't seem to a Grant All permissions option> like there used to be in SQL 6.5. ... > What's the point in having the Database Access section if the System Admin> under Server Roles allows you to get into anything?. ...
    (microsoft.public.sqlserver.programming)
  • RE: Login failure from asp.net delegation
    ... Check out SQL Server BOL "Security Account Delegation" You need to do more ... than just check "Integrated Windows ... the same principles apply to IIS. ... | I have not added a login to the database since i thought it passes in the ...
    (microsoft.public.sqlserver.security)