ASPNET and NETWORK SERVICE accounts hitting SQL Server

06-30-2004

Hello.

Running IIS 6 and ASP.NET, the only way an application can access SQL Server
seems to be as "NT AUTHORITY / NETWORK SERVICE" (or an alias specified in
the <identity> element within "web.config"). This is analagous to the
"ASPNET" user for IIS 5 and ASP.NET.

In a secure (SSL) web running in IIS 6, we're interested in getting from
ASP.NET the behavior we get from ASP 3.0. When the ASP application logs
onto the SQL Server database, it does so under the logon of the actual user.
There does not appear to me to be a way to make this happen. And, as a
result, we feel as though we have lost a layer of security--the security of
the database.

Any ideas or suggestions are welcome.

Thanks,
Jim

06-30-2004

Inside
<system.web>
I added
<identity impersonate="true" />

It worked like a charm!

Jim

"Jim Moon" <jmoon()at()uab.edu> wrote in message
news:%...
> Hello.
>
> Running IIS 6 and ASP.NET, the only way an application can access SQL
Server
> seems to be as "NT AUTHORITY / NETWORK SERVICE" (or an alias specified in
> the <identity> element within "web.config"). This is analagous to the
> "ASPNET" user for IIS 5 and ASP.NET.
>
> In a secure (SSL) web running in IIS 6, we're interested in getting from
> ASP.NET the behavior we get from ASP 3.0. When the ASP application logs
> onto the SQL Server database, it does so under the logon of the actual
user.
> There does not appear to me to be a way to make this happen. And, as a
> result, we feel as though we have lost a layer of security--the security
of
> the database.
>
> Any ideas or suggestions are welcome.
>
> Thanks,
> Jim
>
>

06-30-2004

Inside
<system.web>
I added
<identity impersonate="true" />

It works great!

Jim

"Jim Moon" <jmoon()at()uab.edu> wrote in message
news:%...
> Hello.
>
> Running IIS 6 and ASP.NET, the only way an application can access SQL
Server
> seems to be as "NT AUTHORITY / NETWORK SERVICE" (or an alias specified in
> the <identity> element within "web.config"). This is analagous to the
> "ASPNET" user for IIS 5 and ASP.NET.
>
> In a secure (SSL) web running in IIS 6, we're interested in getting from
> ASP.NET the behavior we get from ASP 3.0. When the ASP application logs
> onto the SQL Server database, it does so under the logon of the actual
user.
> There does not appear to me to be a way to make this happen. And, as a
> result, we feel as though we have lost a layer of security--the security
of
> the database.
>
> Any ideas or suggestions are welcome.
>
> Thanks,
> Jim
>
>

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
What are the risks with ASPNET/Network Service having sysadmin role in SQL Server Express 2005?	Bogdan Jokel	ASP .Net	0	01-15-2010 05:03 PM
Help. Getting a An error has occurred while establishing a connectionto the server. When connecting to SQL Server 2005, this failure may be causedby the fact that under the default settings SQL Server does not allow remote	aboutjav.com@gmail.com	ASP .Net	0	05-03-2008 12:43 PM
Is the aspnet account called "aspnet" for all non-English versions of Windows and IIS?	torus@tpg.com.au	ASP .Net	7	03-23-2007 04:00 AM
Problem with Windows 2003 cluster and ASPNET worker process accounts	HankD	ASP .Net	0	06-02-2005 04:50 PM
Hitting Sql Server Stored Procedure Breakpoint from ASP.NET app	=?Utf-8?B?Um9iIEM=?=	ASP .Net	0	04-16-2005 12:27 AM