Using Integrated Security for Accessing SQL on Remote Server

[eRic]

Hello,

I am currently trying to use integrated security to access the SQL database for the ASP.NET application (deployed on an intranet)

I am following this article
[url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vbcon/html/vbtskaccessingsqlserverwithexplicitcredentials.as[/url]

So far I hav
1. Set the Web.config file to impersonate a specific domain use
<identity impersonate="true" userName = "myDomain\myUserName" password="password"/
2. Created the login in the SQL server and given it appropriate permission
3. Used Integrated Security = SSPI in the connection strin
4. IIS does not allow anonymous access on the site and is using Windows Integrated Securit

So far it's a no go

I've also gone as far as to set the same user (that maps to the SQL login) as the user for the processModel and still nothing
(do you need to reboot the box before changes in machine.config take place?

I read a previous thread that said you need to enable Kerberos delegation for any identity to be passed acrossed machines. Is that the case? If so I really don't understand how the article that I mentioned above could work

Thank
- e

[Kunal]

What is the error you are getting ? "Login Failed for NT Authority/System" ?

--
-------------------------------------------------------
[url]http://www.qnal.net/inkabletype[/url]

"eRic" <anonymous@discussions.microsoft.com> wrote in message
news:31B32D04-56B7-42F9-AA57-C5FF28ECFB9F@microsoft.com...

> Hello,
>
> I am currently trying to use integrated security to access the SQL

database for the ASP.NET application (deployed on an intranet).

>
> I am following this article:
>

[url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vbcon/html/vbtskaccessingsqlserverwithexplicitcredentials.asp[/url]

>
> So far I have
> 1. Set the Web.config file to impersonate a specific domain user
> <identity impersonate="true" userName = "myDomain\myUserName"

password="password"/>

> 2. Created the login in the SQL server and given it appropriate

permissions

> 3. Used Integrated Security = SSPI in the connection string
> 4. IIS does not allow anonymous access on the site and is using Windows

Integrated Security

>
> So far it's a no go.
>
> I've also gone as far as to set the same user (that maps to the SQL login)

as the user for the processModel and still nothing.

> (do you need to reboot the box before changes in machine.config take

place?)

>
> I read a previous thread that said you need to enable Kerberos delegation

for any identity to be passed acrossed machines. Is that the case? If so I
really don't understand how the article that I mentioned above could work.

>
> Thanks
> - e

[eRic]

No message that I can see, the app just can't access the SQL Sever.

[Kunal]

When you step through the code..the application is probably throwing a
SQLException with some message indicating the login failure....see if you
can post that here..


--
-------------------------------------------------------
[url]http://www.qnal.net/inkabletype[/url]

"eRic" <anonymous@discussions.microsoft.com> wrote in message
news:3BF46B8F-4304-412C-BBA9-774E7238D3AE@microsoft.com...

> No message that I can see, the app just can't access the SQL Sever.

[eRic]

Ok here's one thing i've see

Cannot initialize SSPI package.

[eRic]

Thanks for the article, the issue I am having, however, involves the SQL Server on a remote computer(not the same box as the web server)

Thanks
eRic

[Kunal]

Have you taken a look at this:
[url]http://support.microsoft.com/?id=811889[/url]

--
-------------------------------------------------------
[url]http://www.qnal.net/inkabletype[/url]

"eRic" <anonymous@discussions.microsoft.com> wrote in message
news:67D48650-74F8-4758-99B5-680B7C30F87E@microsoft.com...

> Ok here's one thing i've seen
>
> Cannot initialize SSPI package.