|
Home > Archive > IIS Server Security > July 2007 > IIS,SQL Server and Windows Authentication
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
IIS,SQL Server and Windows Authentication
|
|
| Garth Wells 2007-07-11, 7:27 pm |
| I have two servers that are member servers in a trusted domain. One has
IIS 6.0 on 2003 and the other SS on 2003. In an effort to enable
Integrated Authentication I completed the following:
1. Created an application pool named: AppXPortal
2. Changed the Identity for the AppXPortal pool to Local System
3. Assigned the AppXPortal pool to the virtual directory in which the app
is located
4. Gave the ASPNET account Read & Execute permissions on the
subdirectory in which the web is located
5. Gave the SYSTEM account Read & Execute permissions on the
subdirectory in which the web is located
6. Verified Integrated Authentication is enabled on the FinancialReports
virtual directory
7. Verified the ASP.Net app is not configured to impersonate a user
When I execute a valid SQL command I still get a permissions error
referencing the calling server.
Any suggestions?
Thanks
| |
| Ken Schaefer 2007-07-12, 1:22 am |
| If you are not impersonating a user, then ASP.NET wil be running as worker
process identity (LOCALSYSTEM) which is a local account that can't be
assigned permissions to remote resources usually. You'd need to assign
permissions to the computer account instead (webservername$)
Cheers
Ken
"Garth Wells" <nobody@nowhere.com> wrote in message
news:uOhREUBxHHA.3944@TK2MSFTNGP06.phx.gbl...
>I have two servers that are member servers in a trusted domain. One has
> IIS 6.0 on 2003 and the other SS on 2003. In an effort to enable
> Integrated Authentication I completed the following:
>
> 1. Created an application pool named: AppXPortal
>
> 2. Changed the Identity for the AppXPortal pool to Local System
>
> 3. Assigned the AppXPortal pool to the virtual directory in which the app
> is located
>
> 4. Gave the ASPNET account Read & Execute permissions on the
> subdirectory in which the web is located
>
> 5. Gave the SYSTEM account Read & Execute permissions on the
> subdirectory in which the web is located
>
> 6. Verified Integrated Authentication is enabled on the FinancialReports
> virtual directory
>
> 7. Verified the ASP.Net app is not configured to impersonate a user
>
>
> When I execute a valid SQL command I still get a permissions error
> referencing the calling server.
>
> Any suggestions?
>
> Thanks
>
|
|
|
|
|