Re: Best Practice for Windows Authentication?
From: Hugh Mungo (hugh_mungo_at_hotmail.com)
Date: Fri, 16 Sep 2005 13:46:09 +0100
The solution should work with IIS5 and above.
We are not using ASP.NET this is a classic ASP application.
"David J. Cartwright" <firstname.lastname@example.org> wrote in message
> what version of IIS you running ?, using ASP.NET ?
> "Hugh Mungo" <email@example.com> wrote in message
> > Hi,
> > We are changing our classic ASP web application to use Windows
> > Authentication instead of SQL Server Authentication.
> > I would like to know the best practice for:
> > 1. IIS and SQL Server are on the same machine and
> > 2.When they are on different machines in the same domain.
> > I *think* the solution to 1. is to add the IUSR_MACHINENAME user to SQL
> > Server (this works but is it the best practice?)
> > For 2. I have read different opinions. Some say create a
> > IUSR_IISMACHINENAME
> > account on the SQL Server and make sure they have the same password.
> > say create a user on the domain and use that in IIS as the anonymous
> > (and give that user the relevant rights on SQL Server)
> > I would like to know what is considered the best practice for this sort
> > authentication.
> > Thanks in advance