Impersonation & Access to SQL Server

[Guest]

This is what I want to achieve
1) ASP.NET code to be able to pick up the Domain username of the person
viewing the page AND
2) Access to another SQL Server in the same domain to be under a fixed
domain user, using the Microsoft Enterprise Library Data Application Block.

Doesn't
- 1) above require in Web.Config
<authentication mode="Windows" />
<identity impersonate="true"/>
- 2) above require instead
<authentication mode="Windows" />
<identity impersonate="true" userName="MyDomain\FIXEDUserName"
password="apassword"/>

Are there any way around this? My company disallows SQL Authentication.

 

[Guest]

You have a couple of directions you can go with this:

1. If you must use a fixed user, you have a couple of choices:
a) Enterprise Services - declarative setting of user in COM+
b) Setting up a service under a specific account

2. If you can go other routes, there is another way. Set up a Windows group
that has access. Add users that have app access to this group. Force users to
log in (ASP.NET).


--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

***************************
Think Outside the Box!
***************************

 

[Bruce Barker]

number two does what you want, if you turn off anonymous for the site. the
thread will run under the fixed domain account, and identity will be the
users.

if you have iis 6.0, use appdomains instead and leaver out the <identity
impersonate> in the web config (you want to use the pool account).

-- bruce (sqlwork.com)