I'm experimenting with ASP (local IIS) and accessing data a table in a SQL database from a server on my network.

I have it working on my develpment machine... but when I access my aspx page from another machine I get 'null user' error.

I did have that problem on my develpment machine, but I added:

<identity impersonate="true" />

to my web.config file AND using the IIS information services tool (control panel administrative tools)
Under your web site’s properties / directory security - edit anonymous access turned off anonymous and turn on digest. These changes will allow
IIS to access SQL the windows signed on user from my development machine... but not when I access this page from another machine.

What else do I need to do?

Setup the database to use SQL authentication then connect to the database with the proper connect string. Make sure you have a UID and Password entry in the connect string. Otherwise, you have to make IIS run as a user with permission to the db. Or, you can give the NETWORK SERVICE, ASP.NET Account, or possibly w3wp accounts on the IIS server access to the database.

In short, use SQL auth...

Setup the database to use SQL authentication then connect to the database with the proper connect string. Make sure you have a UID and Password entry in the connect string. Otherwise, you have to make IIS run as a user with permission to the db. Or, you can give the NETWORK SERVICE, ASP.NET Account, or possibly w3wp accounts on the IIS server access to the database.

In short, use SQL auth...

Thanks. I would like for the sql connection to be for the actual user. This is for an intranet type application and I need to be able to track database updates by the user. What I have works from my development machine... just not from other machines (yet). I don't understand why that is. Maybe this is a limitatin of authenication deligation but I don't know why that would be so.

This:
Impersonation. This mechanism allows a server process to run using the security credentials of the client. When the server is impersonating the client, any operations performed by the server are performed using the client's credentials. Impersonation does not allow the server to access remote resources on behalf of the client. This requires delegation.
Delegation. Like impersonation, delegation allows a server process to run using the security credentials of the client. However, delegation is more powerful and allows the server process to make calls to other computers while acting as the client.

seems to indicate that deligation is what I want.

Are the machines on a domain together? If not, the username / password on both systems will need to be the same (Passthru authentication...)

Are the machines on a domain together? If not, the username / password on both systems will need to be the same (Passthru authentication...)


Yes. For this application all machines are in the same domain.