Since your web machine cannot access the domain, then it will obviously be
unable to impersonate. Adding a local account matching the domain account
would probably work, but you'd have to do this for each domain account that
was to access the box, which would not be practical I would think. Setting
the web.config to impersonate a particlar local account would work but dont
like doing this in the web.config becuase of the relatively easy access of
this file to malicious eyes (whether internal or external) and this is even
though you can encrypt the credentias via setreg.
--
- Paul Glavich
"Paul P" <> wrote in message
news:E987D561-494F-467C-A1E4-...
> I want to deploy my web app inside a DMZ. I set up the IIS to allow
Anonymous Login
> and I am going to impersonate an account and connect to a SQL Server
database
> inside the firewall. The account we are trying to impersonate is a Domain
account.
>
> Now the question is How do I do that?
>
> In my webconfig file I have impersonate=true and I know I can put the
username password in there also.
> But when I do that I still get Login failed for Null user.
>
> Do I have to create a local account on the DMZ box that matches the Domain
account I am trying to impersonate?
> The SQL Server has the Domain account added as a SQL Server Login and is
granted access to the database I
> want to use. The app works fine from my Intranet but when I move it to
the DMZ box I have a problem. It
> says Login failed for Null user. I have read some articles that points to
using the ASPNET worker process account but I want to use a proxy account.
>
> Do I need to do something within IIS or modify the webconfig file, or
modify the machine.config file????
>
> Any help would be appreciated........
|
Similar Threads
