Solved

IIS Authentication

Posted on 2013-01-24
5
234 Views
Last Modified: 2013-01-28
Hi,

In IIS 7 there is section on Authentication.  By default for Anonymous Authentication, the user identify is set to IUSR

Whilst its set to this I get SQL access errors.

If I change it to 'Application pool identity' the error goes away.

The application pool identity is set to 'Localsystem'

Presumably this is working because IIS is located on the same machine as the development environment and I'm logged on as the Administrator.

What should be the correct settings?
0
Comment
Question by:andyw27
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 34

Accepted Solution

by:
Paul MacDonald earned 500 total points
ID: 38814351
What's correct depends on what you're doing, but I recommend leaving the IIS user as IUSR_whatever, and specifying a user and password in your connection string to SQL Server.  This gives you much more control and better security.
0
 
LVL 29

Expert Comment

by:becraig
ID: 38814352
The best practice would be having a specific account which is updated periodically for set as your app pool identiy.

This gives you the option of being able to add additional privileges as your app matures as well as minimizes the risk of any malicious activity on your system.

Create an account in your domain - limit logon ability etc- grant that acct permission to sql as well as to any other directories your app needs to access.

Getting your template right for this acct can be a bit tedious at first but it is your safest bet, built in accounts are too easily compromised for app pool identities.
0
 

Author Comment

by:andyw27
ID: 38814518
does not that create a risk that anybody can any user can open the web.config and and see password?
0
 
LVL 29

Expert Comment

by:becraig
ID: 38814534
If someone (risky) has access to your server's systemxx directory the app pool password would be the least of your worries :~)
0
 

Author Comment

by:andyw27
ID: 38814577
fair point
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the typical problems I have experienced is when you have to move a web server from one hosting site to another. You normally prepare all on the new host, transfer the site, change DNS and cross your fingers hoping all will be ok on new server…
What You Need to Know when Searching for a Webhost Provider
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question