andyw27
asked on
IIS Authentication
Hi,
In IIS 7 there is section on Authentication. By default for Anonymous Authentication, the user identify is set to IUSR
Whilst its set to this I get SQL access errors.
If I change it to 'Application pool identity' the error goes away.
The application pool identity is set to 'Localsystem'
Presumably this is working because IIS is located on the same machine as the development environment and I'm logged on as the Administrator.
What should be the correct settings?
In IIS 7 there is section on Authentication. By default for Anonymous Authentication, the user identify is set to IUSR
Whilst its set to this I get SQL access errors.
If I change it to 'Application pool identity' the error goes away.
The application pool identity is set to 'Localsystem'
Presumably this is working because IIS is located on the same machine as the development environment and I'm logged on as the Administrator.
What should be the correct settings?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
does not that create a risk that anybody can any user can open the web.config and and see password?
If someone (risky) has access to your server's systemxx directory the app pool password would be the least of your worries :~)
ASKER
fair point
This gives you the option of being able to add additional privileges as your app matures as well as minimizes the risk of any malicious activity on your system.
Create an account in your domain - limit logon ability etc- grant that acct permission to sql as well as to any other directories your app needs to access.
Getting your template right for this acct can be a bit tedious at first but it is your safest bet, built in accounts are too easily compromised for app pool identities.