Accessing a remote DB via wp_aspnet.exe

  • Thread starter Thread starter Ray Stevens
  • Start date Start date
R

Ray Stevens

Because this worker process using the local ASPNET userid, it is unable to
access Sql Server databases on a remote server. I believe the solution is to
use a domain id and apply it to both... but am not sure how to do this with
wp_aspnet.exe.

Anyone have a solution for this.
 
Accesing a remote SQL Server database is as
simple as configuring ASP.NET to use a remote
SQL Server User's account.





Juan T. Llibre
ASP.NET MVP
===========
 
How is what I am asking.

Juan T. Llibre said:
Accesing a remote SQL Server database is as
simple as configuring ASP.NET to use a remote
SQL Server User's account.





Juan T. Llibre
ASP.NET MVP
===========
Click to expand...
 
Essentially, you'd use the same connection string
that you'd use for a local connection.

If the other SQL Server is inside your network,
you can use the SQl Server's name in the connection string.

If the other SQL Server is outside your network,
you'll have to use the SQL Server's IP address
in the connection string.

In both cases, you'll have to make sure that the user in the
connection string is authorized to login to the SQL Server
and perform the database operations you are requesting.

To read similar threads by other programmers
who have asked your same question, check out :

http://www.sqlmonster.com/Uwe/Misc/SR.aspx?p=connect+to+remote+sql+server+from+asp.net





Juan T. Llibre
ASP.NET MVP
===========
 
If you're using IIS 5.0, look into the <processModel> element under
<system.web> in your web.config/machine.config. If you're using IIS 6,
look at the documentation stored with the <processModel> attribute in
your machine.config
(C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Config\machine.config).
Another alternative is you can use impersonation:

<system.web>
<identity impersonate="true" userName="DOMAIN\Username"
password="yourmom" />
</system.web>

Hope that helps.
-Alan
 
I don't think that will work in my case. The wp_aspnet worker process, by
default, runs under the local ASPNET account. I need for it to use a domain
account that wil also be authorized in the SQL Server.
 
re:
I need for it to use a domain
account that wil also be authorized in the SQL Server.
Click to expand...

As I mentioned :
If you are using Windows authentication in SQL Server,
you can use a domain account which you can have
ASP.NET impersonate.

Not a huge problem, although it's a bit
more complicated solution than it need be.


There must be hundreds of thousands, if not millions,
of web developers who connect to remote SQL Server
databases using ASP.NET, without a problem, every day.

I don't see why the case you present would be any different.

Furthermore, you might not even need to use a domain
account common to both the IIS server and the SQL Server.

You could try changing your connection string to
Trusted_Connection=yes

When using a trusted connection you do not pass the
UID and password. When you do this, SQL Server
maps the connection to a SQL Server standard login.

If you create a SQL Server standard login
YourIISServer\ASPNET with whatever password
you choose ("yourPassword"), you should connect, too,
if you allow that login the permisssions which your
database operations need.




Juan T. Llibre
ASP.NET MVP
===========
 
This is exactly what I was looking for.

Now the problem is the last Note in that link:

"With the current release of the >NET Framework, there is no way to avoid
storing the password in clear text. While storing clear text credentials is
not recommended, the machine.config file is considered more secure because
it is located outside the Web space. You should secure machine.config
against unnecessay access by using an approrately configured ACL."

The problem I am now facing is our shop is taking Sarbanes-Oxley to its
extreme and set a policy against having storing credentials in clear text.
This article is for 1.1... does that statement still hold true for 2.0?
I.e., can this be encrypted?
 
Back
Top