how do I use the windows user in a webservice?

I have a project with a webserice.  I was using a hardcoded username in my connection string.  My tables in my db have a createdby and modified by field.  I don't pass them in, since the default value is (suser_sname()).  Basically it would fill in the username for me.  It worked on my dev machine, but not on the server.  

I changed the iis settings to use Integrated Windows.  When I run my app, it says I can't connect to the db
for user "mydoman\the computer name the webservice is running on".  How do I get the webservice to use the username of the person using the app?
jackjohnson44Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

raterusCommented:
Turn back on Integrated Windows Authentication, this is what you need to use.  

Is your DB on a different computer than your webserver?  If that is the case, you need to enable Delegation on your webserver.  This is the "ok" in active directory for the webserver to pass along the credentials of your user to another server.

http://support.microsoft.com/default.aspx?scid=kb;en-us;810572
0
jackjohnson44Author Commented:
My db is on a different server.  I have active directory and tried the suggestion in the link that mentioned but it looks like the webservice is trying to use it's computer name as the username in sql server.  Do you have any more advice?
0
raterusCommented:
First off, this isn't a simple set a few settings and it'll magically work.  There is a very detailed setup here, and you really need to understand how it all fits together to be able to get this to work.

If you checked the "Allow Delegation" tab in active directory users and computers, then your next step is to restart your webserver.  This is an unwritten gotcha about this setting.

Does your webserver/service use a fully-qualified domain name, e.g "myserver.mydomain.com", if that's the case then you need to add SPNs to active directory.

You also need <identity impersonate="true" /> in web.config

You must ONLY have integrated windows impersonate in IIS checked, no anonymous

Those are a few more things in this, so let me know what you find.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
C#

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.