G
Guest
Hi,
We have an application running on IIS 6.0, on a windows 2003 box. The
back-end database, a SQL Server 2000, runs on anohter server, windows 2000.
We have enabled integrated authentication, and provided the windows account
the appropriate permissions in SQL Server.
If running the application locally on the server, the user authenticates
fine. When accessing the application remotely, a SQL exception, "Login failed
for NT Authority\Anonymous Logon", is thrown.
The website node only allows windows integrated authentication. The
Web.config has been setup correctly to allow identity impersonation and
windows authentication.
Note that we have a number of users who access this applicaiton. They all
belong to one Active Directory group.
From my research, I can see that the issue is related to delegation
permissions, hence the ability to authenticate locally on the server and not
remotely given the extra "hop".
My question is, what are the exact permissions that will need to be set in
order to allow users to authenticate when accessing the application remotely?
What should the identity be for the application pool?
Thanks for your help!
Adnan
We have an application running on IIS 6.0, on a windows 2003 box. The
back-end database, a SQL Server 2000, runs on anohter server, windows 2000.
We have enabled integrated authentication, and provided the windows account
the appropriate permissions in SQL Server.
If running the application locally on the server, the user authenticates
fine. When accessing the application remotely, a SQL exception, "Login failed
for NT Authority\Anonymous Logon", is thrown.
The website node only allows windows integrated authentication. The
Web.config has been setup correctly to allow identity impersonation and
windows authentication.
Note that we have a number of users who access this applicaiton. They all
belong to one Active Directory group.
From my research, I can see that the issue is related to delegation
permissions, hence the ability to authenticate locally on the server and not
remotely given the extra "hop".
My question is, what are the exact permissions that will need to be set in
order to allow users to authenticate when accessing the application remotely?
What should the identity be for the application pool?
Thanks for your help!
Adnan