Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   ASP .Net (http://www.velocityreviews.com/forums/f29-asp-net.html)
-   -   Two PC development environment (http://www.velocityreviews.com/forums/t121850-two-pc-development-environment.html)

=?Utf-8?B?R2FsIFN0ZWluaXR6?= 03-18-2006 11:55 PM
Two PC development environment
 
What is the correct way to set up a two PC development environment where one
PC (the main PC) runs IIS and Visual Studio 2005, and the 2nd PC runs SQL
Server 2000 ?

We ran into significant problems with security trying to set up this kind of
infrastructure.

We gave the ASPNET user an implicit password, and specified this password in
machine.config:

<processModel autoConfig="true" userName="aspnet" password="---" />

this user has administrative access on the main PC and access to the debug
group.

There is also this setting in web.config:

<identity impersonate="true" userName="aspnet" password="---">

and additionally there is the user that IIS uses for anonymous connections.

The ASPNET user was created as a local user on both PC's with the same
password.

Using this setup, works for local access, but does not allow access to the
PC via a browser from other PC's.

What is the correct configuration for such a setup, and which of the above
is required and which is not?

Thanks.

Steven Cheng[MSFT] 03-20-2006 05:35 AM
RE: Two PC development environment
 
Hi Gal,

Thank you for posting.

As for the ASP.NET application deploying in two machines scenario, here are
some of my understanding and suggestion:

1. For IIS 5.X , the ASP.NET worker process is aspnet_wp.exe and the
default process identity is machine\aspnet account and the password is
controled by machine. also, we do not recommend that user manualy change
the account's password. Actually we can create a separate custom ASP.NET
process account, see the below msdn article:

http://msdn.microsoft.com/library/en...9.asp?frame=tr
ue

http://msdn.microsoft.com/library/en...01.asp?frame=t
rue

2. For SQL Server, since it is always be accessed remotly from ASP.NET
application, so if the ASP.NET application is not using impersonate, it
should always use the worker prcess account to access the remote sqlserver,
no matter the client user visit the page from local or remote client
machine. is your ASP.NET applicaiton using windows authentication and
impersonate?

Anyway, I suggest you turn on the SQL Profiler on the sqlserver machine to
check what's the account used to access the sqlserver and get denied...

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)


All times are GMT. The time now is 06:00 PM.

Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57