Re: Best Practice for Windows Authentication?

From: Hugh Mungo (hugh_mungo_at_hotmail.com)
Date: 09/16/05 

Date: Fri, 16 Sep 2005 13:46:09 +0100

The solution should work with IIS5 and above.
We are not using ASP.NET this is a classic ASP application.

"David J. Cartwright" <davidcartwright@hotmail.com> wrote in message
news:OcQFYgruFHA.2076@TK2MSFTNGP14.phx.gbl...
> what version of IIS you running ?, using ASP.NET ?
>
> http://msdn2.microsoft.com/en-us/library/bsz5788z
>
> "Hugh Mungo" <hugh_mungo@hotmail.com> wrote in message
> news:%23igmiopuFHA.3500@TK2MSFTNGP09.phx.gbl...
> > Hi,
> >
> > We are changing our classic ASP web application to use Windows
> > Authentication instead of SQL Server Authentication.
> >
> > I would like to know the best practice for:
> > 1. IIS and SQL Server are on the same machine and
> > 2.When they are on different machines in the same domain.
> >
> > I *think* the solution to 1. is to add the IUSR_MACHINENAME user to SQL
> > Server (this works but is it the best practice?)
> >
> > For 2. I have read different opinions. Some say create a
> > IUSR_IISMACHINENAME
> > account on the SQL Server and make sure they have the same password.
Other
> > say create a user on the domain and use that in IIS as the anonymous
user
> > (and give that user the relevant rights on SQL Server)
> >
> > I would like to know what is considered the best practice for this sort
of
> > authentication.
> >
> > Thanks in advance
> >
> >
>
>

Relevant Pages

  • Re: Relogin with microsoft integrated authentication
    ... I am using classic ASP with IIS5 on win2000. ... If Integrated authentication is inabled is there a way to logout a user ...
    (microsoft.public.inetserver.iis.security)
  • Re: Windows Authentication in asp.net 2005 to SQL Server?
    ... If the domains do not trust each other, Windows authentication is not going ... Basic authentication sometimes makes the need for Kerberos delegation go ... generic account to do the backend data stuff on our SQL Server. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: I dont want to re-invent the Login/Login Wheel - Help with utilities
    ... Yes, if you use .NET1.1, there isn't built-in login control, and more importanltly there isn't ready-to-use membership component to use. ... the membership provider uses SQL Server or SQL Server Express. ... We feel that having the capability to force password change would be a better benefit in securing our application and data access. ... Both Windows authentication and authorization wolud be be fine if we wanted the world to have access to our application data, but not very intuitive for maintaining integrity over our data. ...
    (microsoft.public.vstudio.general)
  • RE: IIS (ASP) -> SQLServer Authentication Issue
    ... I understand that you'd like to use IIS Intergration authentication in the ... and ASP "impersonates" authencitaed users to access SQL Server on ... only kerberos authentication allows double-hops from clients ...
    (microsoft.public.sqlserver.security)
  • Re: SBS Premium Edition .. what way is SQL licenced
    ... Another thing to note in using your SQL Server as a backend database is the ... concept of Forms-based authentication and Integrated Windows authentication. ... thereby requiring individual CALs to access SQL Server. ... Chad A. Gross - SBS MVP ...
    (microsoft.public.windows.server.sbs)