IIS (ASP) -> SQLServer Authentication Issue

I have seen numerous pages and forum e-mails about this issue on the
Internet and would like to know if someone can tell me if it is possible to
do the following:
- IIS 6 machine serving ASP pages, integrated authentication, machine
trusted for delegation in the domain
- SQLServer 2000 machine with mixed authentication (same domain as IIS 6
machine)
- I want the ASP pages to access the SQLServer machine using the
authentication credentials provided to IIS as part of integrated
authentication
As far as I can determine, it should be possible as covered in this article
http://support.microsoft.com/kb/319723/en-us. However, I'm currently
getting the error:
Microsoft OLE DB Provider for SQL Server error '80004005'
Login failed for user '(null)'. Reason: Not associated with a trusted SQL
Server connection.

My problem is that I've tried to make this work in our environment in the
past without success. A couple of months ago, it suddenly started working,
and then recently (a day ago) stopped again. The system administrators say
no changes were made that would cause it to stop working.

When researching this issue again on the Internet I did not find many people
trying to do what I wanted to do. Understandably, most people are
interested in solutions where the users accessing the web pages are not
domain users that have access to the SQLServer database - but in my
situation that's what I have. The only solutions I saw offered to this
solution were to turn on Basic Authentication (I know this will work, but do
not want to do this as it negatively impacts the user experience and do not
want passwords crossing the network in the clear) or to setup some other
domain account (I don't want to do this because I want to be using the user
accounts) that IIS would use to access SQLServer. No mention was made of
the kerberos/delegation solution that I identified above.

Is it possible to do what the article describes above? Is there any reason
it should not work? Has anyone had success with the above article?

Thanks, Tyler


.

Relevant Pages

  • Re: WM5 can not sync to exchange
    ... I checked all the authentication settings and they are as you requested. ... After running the internet connection wizard I had to uncheck the Require ... On the SBS 2003 Server open the Server Management console. ... Open IIS Manager ...
    (microsoft.public.windows.server.sbs)
  • Re: Authentication filter
    ... > configure IIS to take advantage of the authentication firewall? ... it seems that you need to make it impossible for internal users to see ... > server (that is opened to VPN or internet). ...
    (microsoft.public.inetserver.iis)
  • Re: 401 error for user that used to logon fine
    ... Was over the Internet and you were right. ... > Why are you getting prompted by NTLM? ... How IIS Authenticates Browser Clients ... > Directory with Integrated Authentication ONLY -or- NTFS permissions ...
    (microsoft.public.inetserver.iis.security)
  • Re: setting up a webshare
    ... >>I have a folder i'd like to make available across the internet. ... >> it connects fine and displays the user authentication dialog box. ... > (A web share is really an IIS virtual directory.) ...
    (microsoft.public.inetserver.iis)
  • Re: How do you connect to SQL server using SQL users with Windows Auth? help
    ... enable basic, digest (if sqlserver not on same box as iis, turn on ... Windows authenticatio, Forms authentication, none of .net, but still get a ... > I am able to connect with the same user but with SQL Authentication ...
    (microsoft.public.dotnet.framework.aspnet)