"Nick Gilbert" <news@nickgilbert.com> wrote in message
news:uudoeyciDHA.1952@TK2MSFTNGP10.phx.gbl...
> Hi,
>
> On Windows 2000, I use the following connection string in my ASP.NET
> applications:
>
> <add key="ConnectionString" value="server=(local);Integrated
> Security=SSPI;database=knowledge" />
>
> I then created a login in SQL Server for the ASPNET/<machine name> user
and
> assigned it to a WWWUsers role. This meant that SQL Server automatically
> made requests from the website under the WWWUsers role. In IIS, I then
> removed anonymous access from the /admin/ folder on the website, which
then
> caused IE to prompt for a username and password. If I logged in as
> 'webadmin' and a webadmin login had been created on SQL Server for that
> database in the WWWAdmins role, then it would automatically run website
> queries by administrators under the WWWAdmins role.
>
> *HOWEVER*, under Windows 2003 Server (IIS6), this seems to be broken. It
> either doesn't prompt for a username and password, or if it does, it seems
> to ignore it completely and SQL Server still puts me in the WWWUsers role.
I
> have put the NETWORK AUTHORITY/NETWORK SERVICE user in the WWWUsers role,
> and the webadmin user (a valid Windows account) is still in the WWWAdmins
> role.
>
> Why is IIS 6 not behaving the same way as IIS 5.5 on Windows 2000? Have I
> made a mistake somewhere or is there a way to make it work in the same way
> as Windows 2000?
>
> Thanks,
>
> Nick Gilbert
>
>
>
>

"Chris Jackson" <chrisj@mvps.org> wrote in message
news:eYzUnREjDHA.1964@TK2MSFTNGP12.phx.gbl...
> How are you doing your authentication? The matrix here will explain what
> credentials you are passing - note that you will want to pass a domain
> account rather than a local account if you are authenticating to a
different
> machine.
>
>
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetAP05.asp
>
>
> --
> Chris Jackson
> Software Engineer
> Microsoft MVP - Windows XP
> Windows XP Associate Expert
> --
> "Nick Gilbert" <news@nickgilbert.com> wrote in message
> news:uudoeyciDHA.1952@TK2MSFTNGP10.phx.gbl...
> > Hi,
> >
> > On Windows 2000, I use the following connection string in my ASP.NET
> > applications:
> >
> > <add key="ConnectionString" value="server=(local);Integrated
> > Security=SSPI;database=knowledge" />
> >
> > I then created a login in SQL Server for the ASPNET/<machine name> user
> and
> > assigned it to a WWWUsers role. This meant that SQL Server automatically
> > made requests from the website under the WWWUsers role. In IIS, I then
> > removed anonymous access from the /admin/ folder on the website, which
> then
> > caused IE to prompt for a username and password. If I logged in as
> > 'webadmin' and a webadmin login had been created on SQL Server for that
> > database in the WWWAdmins role, then it would automatically run website
> > queries by administrators under the WWWAdmins role.
> >
> > *HOWEVER*, under Windows 2003 Server (IIS6), this seems to be broken. It
> > either doesn't prompt for a username and password, or if it does, it
seems
> > to ignore it completely and SQL Server still puts me in the WWWUsers
role.
> I
> > have put the NETWORK AUTHORITY/NETWORK SERVICE user in the WWWUsers
role,
> > and the webadmin user (a valid Windows account) is still in the
WWWAdmins
> > role.
> >
> > Why is IIS 6 not behaving the same way as IIS 5.5 on Windows 2000? Have
I
> > made a mistake somewhere or is there a way to make it work in the same
way
> > as Windows 2000?
> >
> > Thanks,
> >
> > Nick Gilbert
> >
> >
> >
> >
>
>