OK, I set up Active Directory delegation on my intranet site, and enabled Windows authentication.
Users go to the ASP page, and their identity/credentials are passed through to the SQL server.
(Logging into the SQL server with the user's credentials is the critical part here; we have assigned SQL-level permissions on certain tables.)
When users go to the machine's website, http://cWebNexus2/integratedlogon.asp, everything works like a dream.
(cWebNexus2 is the name of the machine on our Active Directory network.)
But when I go to the outside site name, http://nexus.dealix.com/integratedlogon.asp, or the IP xxx.xx.xx.xx for that site (from home, OR from my workstation on the company Active Directory network), ASP pages come up, so IIS is authenticating me... but it doesn’t pass through to SQL; the users' credentials are not delegated to the SQL server, and I get the good ol'
"Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'."
It feels like double-hop (which I got past) all over again.
1) My remote users to be able to log in from home with the network popup login,
2) My local users to be authenticated without any logins from within the company network.
3) Everyone (local and remote) to log into SQL with their Active Directory account.