Re: Best Practice for Windows Authentication?

From: David J. Cartwright (davidcartwright_at_hotmail.com)
Date: 09/16/05

• Next message: Hari Prasad: "Re: User function permissions"
• Previous message: Hugh Mungo: "Best Practice for Windows Authentication?"
• In reply to: Hugh Mungo: "Best Practice for Windows Authentication?"
• Next in thread: Hugh Mungo: "Re: Best Practice for Windows Authentication?"
• Reply: Hugh Mungo: "Re: Best Practice for Windows Authentication?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 16 Sep 2005 08:13:47 -0400

what version of IIS you running ?, using ASP.NET ?

http://msdn2.microsoft.com/en-us/library/bsz5788z

"Hugh Mungo" <hugh_mungo@hotmail.com> wrote in message
news:%23igmiopuFHA.3500@TK2MSFTNGP09.phx.gbl...
> Hi,
>
> We are changing our classic ASP web application to use Windows
> Authentication instead of SQL Server Authentication.
>
> I would like to know the best practice for:
> 1. IIS and SQL Server are on the same machine and
> 2.When they are on different machines in the same domain.
>
> I *think* the solution to 1. is to add the IUSR_MACHINENAME user to SQL
> Server (this works but is it the best practice?)
>
> For 2. I have read different opinions. Some say create a
> IUSR_IISMACHINENAME
> account on the SQL Server and make sure they have the same password. Other
> say create a user on the domain and use that in IIS as the anonymous user
> (and give that user the relevant rights on SQL Server)
>
> I would like to know what is considered the best practice for this sort of
> authentication.
>
> Thanks in advance
>
>

---

• Next message: Hari Prasad: "Re: User function permissions"
• Previous message: Hugh Mungo: "Best Practice for Windows Authentication?"
• In reply to: Hugh Mungo: "Best Practice for Windows Authentication?"
• Next in thread: Hugh Mungo: "Re: Best Practice for Windows Authentication?"
• Reply: Hugh Mungo: "Re: Best Practice for Windows Authentication?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Windows Authentication with IIS on separate machines ... Yes, setting Basic Authentication in IIS works, but the ... >in SQL server but doesn't work if user account was ... >imported from a Windows account. ... (microsoft.public.sqlserver.security) Re: Authentication problem ... As matt notes below, even if nothing on your box has changed it's possible ... > On your IIS box, check the HTTP Authentication tab of the SQL Server ... (microsoft.public.sqlserver.ce) RE: IIS (ASP) -> SQLServer Authentication Issue ... I understand that you'd like to use IIS Intergration authentication in the ... and ASP "impersonates" authencitaed users to access SQL Server on ... only kerberos authentication allows double-hops from clients ... (microsoft.public.sqlserver.security) IIS vs ASP.Net Authentication problem ... Requirement is to use 'domain\iisuser' to authenticate in SQL Server ... Only Integrated Windows Authentication enabled (Anonymous/basic/digest ... unchecked) in IIS 5 ... Login failed for user 'CCMIWS05\ASPNET'. ... (microsoft.public.dotnet.security) RE: Interdev not creating project (authenticate failure) ... | 1st Computer (for SQL Server and IIS): ... | Member of: Administrators ... Also in IIS console, rightclick the web site and go to properties/directory ... Integrated Windows and check Basic authentication. ... (microsoft.public.inetserver.iis.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)