C
cmw
I am trying to debug an ASP.Net application that uses impersonation to
access a secured SQL Server database (Microsoft cRM as it happens) so
my web.config has
<authentication mode="Windows" />
<identity impersonate="true"/>
<authorization>
<deny users="?" />
</authorization>
Now I'm not too clued up on authentication, active directory etc so
I'm confused as to how my asp.net app appears to SQL Server as a
totally different domain and user.
Here's the code I've used to demonstrate what's happening.
SqlConnection conn = new
SqlConnection("Trusted_Connection=No;Server=sndbx2003dev;Database=03dev_MSCRM;Integrated
Security=SSPI;");
SqlCommand comm = new SqlCommand("SELECT SUSER_SNAME()", conn);
conn.Open();
Literal1.Text = comm.ExecuteScalar().ToString();
conn.Close();
Literal2.Text = HttpContext.Current.User.Identity.Name;
Now Literal1 has 03dev\crmadmin whereas Literal2 has my own company
\myname login.
I've trying to reproduce the same behaviour on a client's machine and
don't know what's going on. I've asked the network guys but they don't
seem to know either but somethings were set up before them.
I've found references to Kerberos but it's a bit over my head at the
moment.
How is this possible?
access a secured SQL Server database (Microsoft cRM as it happens) so
my web.config has
<authentication mode="Windows" />
<identity impersonate="true"/>
<authorization>
<deny users="?" />
</authorization>
Now I'm not too clued up on authentication, active directory etc so
I'm confused as to how my asp.net app appears to SQL Server as a
totally different domain and user.
Here's the code I've used to demonstrate what's happening.
SqlConnection conn = new
SqlConnection("Trusted_Connection=No;Server=sndbx2003dev;Database=03dev_MSCRM;Integrated
Security=SSPI;");
SqlCommand comm = new SqlCommand("SELECT SUSER_SNAME()", conn);
conn.Open();
Literal1.Text = comm.ExecuteScalar().ToString();
conn.Close();
Literal2.Text = HttpContext.Current.User.Identity.Name;
Now Literal1 has 03dev\crmadmin whereas Literal2 has my own company
\myname login.
I've trying to reproduce the same behaviour on a client's machine and
don't know what's going on. I've asked the network guys but they don't
seem to know either but somethings were set up before them.
I've found references to Kerberos but it's a bit over my head at the
moment.
How is this possible?