Re: IIS & SQL, NT authentication for Web
From: Rita Nikas [MSFT] (ritan@online.microsoft.com)
Date: 01/21/03
- Next message: Vishal Gandhi: "Secure a SQL-Server 2000 database."
- Previous message: Peter A. Schott: "Re: Secure a SQL-Server 2000 database."
- In reply to: Dan Foxley: "Re: IIS & SQL, NT authentication for Web"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: ritan@online.microsoft.com ("Rita Nikas [MSFT]") Date: Tue, 21 Jan 2003 00:54:40 GMT
Hi Dan.
No problem. I totally understand :-)
Sincerely,
Rita Nikas, MCSE MCDBA
Product Support Services
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Subject: Re: IIS & SQL, NT authentication for Web
| Date: Sat, 18 Jan 2003 18:13:05 -0800
|
| Rita,
|
| Thanks...
| I guess I wanted to confirm that, yes a user should Authenticate to SQL
| (when its a Web app, as well not JUST a intranet app) with the IUSR
account,
| as a best practice? I'll poke around with the resources..thanks.
|
| Dan
|
|
| ""Rita Nikas [MSFT]"" <ritan@online.microsoft.com> wrote in message
| news:jZvLCuovCHA.2600@cpmsftngxa06...
| > Hi Dan.
| >
| > BTW - Thanks for including the URL with your question. That was a *big*
| > help.
| >
| > Anyway, as your Internet users won't have Windows NT accounts on your
| > server, you do need to use other security, so you would need to allow
| > anonymous access, as far as IIS is concerned. Some additional resources
| > you'll want to review include:
| >
| > Building and Configuring More Secure Web Sites
| >
|
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
| > ml/openhack.asp
| >
| > Web Application Guide
| >
|
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/iisref60/ht
| > m/aspg_aspg.asp
| >
| > SQL Server Security Modes
| >
|
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vsentpro/ht
| > ml/veconsqlserversecuritymodes.asp
| >
| > Sincerely,
| >
| > Rita Nikas, MCSE MCDBA
| > Product Support Services
| > Microsoft Corporation
| >
| > This posting is provided "AS IS" with no warranties, and confers no
| rights.
| >
| >
| > --------------------
| > | Subject: IIS & SQL, NT authentication for Web
| > | Date: Fri, 17 Jan 2003 07:36:46 -0800
| > |
| > | Howdy,
| > |
| > | Am I correct in that, I should use NT Authentication for IIS to access
| SQL
| > | for a Web application on the Internet? Does the quote below apply to
| > Domain
| > | based Applications only or web applications as well? Any references
| would
| > | be appreciated!
| > |
| > | Thanks
| > | Dan Foxley
| > |
| > | Per:
| > | http://support.microsoft.com/default.aspx?scid=kb;en-us;247931
| > |
| > | Quote:
| > |
| > | Windows NT Authentication
| > | The computer running SQL Server enables access to its data through
| Windows
| > | NT accounts. To enable Windows NT authentication, through the Internet
| > | Information Server (IIS) computer, Basic authentication must be
enabled
| > for
| > | the Web application. To do this, perform the following: ........
| > |
| > |
| > |
| >
|
|
|
- Next message: Vishal Gandhi: "Secure a SQL-Server 2000 database."
- Previous message: Peter A. Schott: "Re: Secure a SQL-Server 2000 database."
- In reply to: Dan Foxley: "Re: IIS & SQL, NT authentication for Web"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
