468,234 Members | 1,675 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,234 developers. It's quick & easy.

Is it possible for IIS and SQL server on Separate Machines with integrated auth

Hi

It is possible that IIS and SQL Server can reside on
Seperate Machines and you can use Integrated Windows
Authentication to connect.

Ravikanth

-----Original Message-----
Is it possible for IIS and SQL server on Separate Machineswith integrated windows Authentication in ASP.NET?

The IIS and SQL server are on sepatated machines. I want
to use the Integrated Windows Authentication. In IIS I
enable NTLM. In web.config, I have <authentication
mode="Windows" /> <identity impersonate="true"/>. But
still failed. The IIS pass through account
domainname/IIScomputername$ to SQL Server. But in the IISor in the domain, it doesn't have the such account.

Then I search in Microsoft, found such article
http://msdn.microsoft.com/library/default.asp?
url=/library/en-
us/vbcon/html/vbtskAccessingSQLServerUsingMappedWindowsDo mainUser.asp . It said the SQL server should be running on
the same computer as IIS. But I also found another articlehttp://support.microsoft.com/default.aspx?scid=kb;EN-
US;176379. That's for asp. It said asp can do that. So I'mjust wondering is it possible also for ASP.NET?

robert
.

Nov 17 '05 #1
4 8187
hi, Ravikanth;

Could you give me more info how to do that? I've tried. I
set the IIS ->Directory Security -> Anonymous access and
authentication control-> edit-> select "integrated windows
authentication", no others. In web.config, <authentication
mode="Windows" /> <identity impersonate="true"/>. In
connection string,"integrated
security=SSPI;Trusted_Connection=Yes; persist security
info=False;" But still failed. The account from IIS send
to SQL server as the login account
is "domainname/IIScomputername$"

So what the problem I've done? how to solve the problem?

In msdn, http://msdn.microsoft.com/library/default.asp?
url=/library/en-
us/vbcon/html/vbtskAccessingSQLServerUsingMappedWindowsDoma
inUser.asp. it said, Integrated security requires: That
SQL server be running on the same computer as IIS. Is that
wrong?

thanks
robert
-----Original Message-----
Hi

It is possible that IIS and SQL Server can reside on
Seperate Machines and you can use Integrated Windows
Authentication to connect.

Ravikanth

-----Original Message-----
Is it possible for IIS and SQL server on Separate

Machines
with integrated windows Authentication in ASP.NET?

The IIS and SQL server are on sepatated machines. I want
to use the Integrated Windows Authentication. In IIS I
enable NTLM. In web.config, I have <authentication
mode="Windows" /> <identity impersonate="true"/>. But
still failed. The IIS pass through account
domainname/IIScomputername$ to SQL Server. But in the

IIS
or in the domain, it doesn't have the such account.

Then I search in Microsoft, found such article
http://msdn.microsoft.com/library/default.asp?
url=/library/en-
us/vbcon/html/vbtskAccessingSQLServerUsingMappedWindowsDo

ma
inUser.asp . It said the SQL server should be running on
the same computer as IIS. But I also found another

article
http://support.microsoft.com/default.aspx?scid=kb;EN-
US;176379. That's for asp. It said asp can do that. So

I'm
just wondering is it possible also for ASP.NET?

robert
.

.

Nov 17 '05 #2
Robert,

If you go through the steps in the following URLs you
should get this set up no problem.

http://support.microsoft.com/default.aspx?scid=kb;en-
us;319723

http://support.microsoft.com/default.aspx?scid=kb;en-
us;810572

Before going through all steps I would recommend that you
check the following:

Advanced option in IE of Enable Integrated Windows
Authentication is selected.

Using these articles enabled me to set up an environment
connecting from Client A -> IIS Server -> SQL Cluster
using integrated security and impersonation.

Hope that helps

Aidan Glendye
-----Original Message-----
hi, Ravikanth;

Could you give me more info how to do that? I've tried. I
set the IIS ->Directory Security -> Anonymous access and
authentication control-> edit-> select "integrated windowsauthentication", no others. In web.config, <authenticationmode="Windows" /> <identity impersonate="true"/>. In
connection string,"integrated
security=SSPI;Trusted_Connection=Yes; persist security
info=False;" But still failed. The account from IIS send
to SQL server as the login account
is "domainname/IIScomputername$"

So what the problem I've done? how to solve the problem?

In msdn, http://msdn.microsoft.com/library/default.asp?
url=/library/en-
us/vbcon/html/vbtskAccessingSQLServerUsingMappedWindowsDom ainUser.asp. it said, Integrated security requires: That
SQL server be running on the same computer as IIS. Is thatwrong?

thanks
robert
-----Original Message-----
Hi

It is possible that IIS and SQL Server can reside on
Seperate Machines and you can use Integrated Windows
Authentication to connect.

Ravikanth

-----Original Message-----
Is it possible for IIS and SQL server on Separate

Machines
with integrated windows Authentication in ASP.NET?

The IIS and SQL server are on sepatated machines. I wantto use the Integrated Windows Authentication. In IIS I
enable NTLM. In web.config, I have <authentication
mode="Windows" /> <identity impersonate="true"/>. But
still failed. The IIS pass through account
domainname/IIScomputername$ to SQL Server. But in the

IIS
or in the domain, it doesn't have the such account.

Then I search in Microsoft, found such article
http://msdn.microsoft.com/library/default.asp?
url=/library/en-
us/vbcon/html/vbtskAccessingSQLServerUsingMappedWindowsD o
ma
inUser.asp . It said the SQL server should be running

onthe same computer as IIS. But I also found another

article
http://support.microsoft.com/default.aspx?scid=kb;EN-
US;176379. That's for asp. It said asp can do that. So

I'm
just wondering is it possible also for ASP.NET?

robert
.

.

.

Nov 17 '05 #3
still doesn't work. Same error.

any other suggestion?

robert
-----Original Message-----
Robert,

If you go through the steps in the following URLs you
should get this set up no problem.

http://support.microsoft.com/default.aspx?scid=kb;en-
us;319723

http://support.microsoft.com/default.aspx?scid=kb;en-
us;810572

Before going through all steps I would recommend that you
check the following:

Advanced option in IE of Enable Integrated Windows
Authentication is selected.

Using these articles enabled me to set up an environment
connecting from Client A -> IIS Server -> SQL Cluster
using integrated security and impersonation.

Hope that helps

Aidan Glendye
-----Original Message-----
hi, Ravikanth;

Could you give me more info how to do that? I've tried. I
set the IIS ->Directory Security -> Anonymous access and
authentication control-> edit-> select "integratedwindows
authentication", no others. In web.config,

<authentication
mode="Windows" /> <identity impersonate="true"/>. In
connection string,"integrated
security=SSPI;Trusted_Connection=Yes; persist security
info=False;" But still failed. The account from IIS send
to SQL server as the login account
is "domainname/IIScomputername$"

So what the problem I've done? how to solve the problem?

In msdn, http://msdn.microsoft.com/library/default.asp?
url=/library/en-
us/vbcon/html/vbtskAccessingSQLServerUsingMappedWindowsDo

ma
inUser.asp. it said, Integrated security requires: That
SQL server be running on the same computer as IIS. Isthat
wrong?

thanks
robert
-----Original Message-----
Hi

It is possible that IIS and SQL Server can reside on
Seperate Machines and you can use Integrated Windows
Authentication to connect.

Ravikanth
-----Original Message-----
Is it possible for IIS and SQL server on Separate
Machines
with integrated windows Authentication in ASP.NET?

The IIS and SQL server are on sepatated machines. I

wantto use the Integrated Windows Authentication. In IIS I
enable NTLM. In web.config, I have <authentication
mode="Windows" /> <identity impersonate="true"/>. But
still failed. The IIS pass through account
domainname/IIScomputername$ to SQL Server. But in the
IIS
or in the domain, it doesn't have the such account.

Then I search in Microsoft, found such article
http://msdn.microsoft.com/library/default.asp?
url=/library/en-
us/vbcon/html/vbtskAccessingSQLServerUsingMappedWindows
Doma
inUser.asp . It said the SQL server should be runningonthe same computer as IIS. But I also found another
article
http://support.microsoft.com/default.aspx?scid=kb;EN-
US;176379. That's for asp. It said asp can do that. So
I'm
just wondering is it possible also for ASP.NET?

robert
.

.

.

.

Nov 17 '05 #4
Hi Robert:

WIth IIS and SQL on seperate machines, you'll need to go one step past
"impersonation" and look at "delegation" via Kerberos. There is a good
description of why your situation does not work and the steps you
would need to take to use delegation in the following article (see the
"Security" section):

http://www.databasejournal.com/featu...nt.php/2211161
Delegation requires a specific network environment, and is also
riskier from a security perspective, so you might want to consider the
"Delegation Alternatives" in the .net docs:

http://msdn.microsoft.com/library/de...Delegation.asp
On Thu, 31 Jul 2003 23:27:03 -0700, "robert"
<ro**********@atfreeweb.com> wrote:
hi, Ravikanth;

Could you give me more info how to do that? I've tried. I
set the IIS ->Directory Security -> Anonymous access and
authentication control-> edit-> select "integrated windows
authentication", no others. In web.config, <authentication
mode="Windows" /> <identity impersonate="true"/>. In
connection string,"integrated
security=SSPI;Trusted_Connection=Yes; persist security
info=False;" But still failed. The account from IIS send
to SQL server as the login account
is "domainname/IIScomputername$"

So what the problem I've done? how to solve the problem?


--
Scott
Nov 17 '05 #5

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

8 posts views Thread by tcg_gilbert | last post: by
2 posts views Thread by Matt F | last post: by
1 post views Thread by Mohamed Zaki | last post: by
reply views Thread by stephen | last post: by
1 post views Thread by Michel Vanderbeke | last post: by
reply views Thread by NPC403 | last post: by
reply views Thread by kermitthefrogpy | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.