Kerberos / Authentication to SQL2K

[Paul Mason]

Hi folks,

I thought I'd got this sorted, but apparently not.

Everything in the documentation indicates that setting the IIS settings to
use integrated logins and changing my authentication mode in web.config to
windows would be all I needed to do. It didn't want to know the
authentication until I switched on impersonation either.

Thus my web.config has

<authentication mode="Windows"/>
<identity impersonate="true"/>

When ia had it setup on my local machine, it authenticated OK (which it
didn't before when in an NT domain).

When set up on my web server however, I get the "Login failed for user
'(null)'. Not associated with a trusted login" error, whenever I access a
page that needs to authenticate to my SQL server.

Each machine (web server, sql server, workstations) are in an active
directory domain.

I thought kerberos sorted this all out?? I have no intention of using
impersonation...I'd rather stick to forms authentication.

Any ideas??

Cheers...P

 

[Paul Mason]

Please ignore my previous post....I have finally discovered the madness of
the situation. From the help in visual studio :

"If your application runs on a Windows-based intranet, you might be able to
use Windows integrated security for database access. Integrated security
requires:
a.. That SQL Server be running on the same computer as IIS. "
Err what!?!....Are they mad? This breaks all the rules of good development,
appart from being about a dangerous as you can get. The mere suggestion of
this is so stupid that I completely overlooked it. Even when I spotted it I
had to read it several times to get over the shock.

Does anyone know when they are going to create a proper system for
authenticating users to SQL server? Is it likelly to happen in Whidbey?

Cheers...P