Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IIS, Active Directory, and SQL Server

Status
Not open for further replies.
MeanGreen

MeanGreen

IS-IT--Management
Sep 12, 2002
672
US
I posted this on the IIS FORUM, but got no answer. Any help would be greatly appreciated:

I have a web application that currently uses standard security for all users. We would like to transition the security to "sorta" trusted security. What I mean by sorta is that all I want to have happen is that the user is validated to be in an Active Directory Group. The internal security will be handled by the application using a menu system. I set up a linked server and started running selects using OPENQUERY, but for some reason about every 5 minutes the query stops working with:

Server: Msg 7320, Level 16, State 2, Line 1
Could not execute query against OLE DB provider 'ADsDSOObject'.

Then after another 2 or 3 minutes it works again.. no changes. I still haven't even gotten to the validation yet, as this problem needs to be solved before I can rely on it for validation. My question is this: Is there a method in place where IIS can validate the user for access and pass the name off to my application? If there is, then I can remove the linked server and just use the IIS for my security interface. Within IIS I would want username and password to be used, since I cannot turnkey the entire operation at one time.

Thank you!
 
Sort by date Sort by votes
Yes you can use IIS to authenticate users grabing Username yes, grabing the password NO.

what you can do is use a SSL as you encrption method then pass the user name and password securley then create an ole db connection useing the information submitted on the form. Advantages here is you create all the USERS in AD and authernicate them this way, creates a centralized place to manage security and log events. Disadvantages security can be a pain to manage, if you mess up you can accidental give a user to much power over your internal network.


Another method is use one username and password for access to SQL database then track the user through a unque key you assign them when they logg in and validate them from a user database you create.

Advantages keeps web users out of the Active Directory and W2K security, Disadvantages is you have two user databases to manage, plus keeping tabs on what users are doing on web and in the database become a lot harder because you have to everything manualy.

the second method is the one i use
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MathiasB
  • Question
Parameterised sql server query
Replies
8
Views
385
Chriss Miller
C
V
  • Locked
  • Question
xp_cmdshell vs psexec - this SQL server forgets credential to an W10 share
Replies
0
Views
758
Volvere
V
gbaughma
  • Locked
  • Question
SQL Performance
Replies
11
Views
951
pjw001
pjw001
Steve Yu
  • Locked
  • Question
How secure is MS SQL on the Internet vs behind firewall inside a LAN 1
Replies
3
Views
536
Chris Miller
Chris Miller
elly00
  • Locked
  • Question
create sql view using batch file
Replies
5
Views
634
Mike Lewis
Mike Lewis

Part and Inventory Search

Sponsor

Back
Top