P
Paul Mason
I think i've been getting my groups mixed up.
I've been trying to get my intranet system to authenticate to SQL server
(2K) using a trusted connection for some time and have had to wait until we
upgraded to Active directory for kerberos to start working (I'm not 100%
sure it's kerberos so bear with me).
Now I've hit the final brick wall which means this isn't ever gonna happen
in the current setup. It finally twigged (dropped like a tonne of lead more
like) when I read in the help :
"If your application runs on a Windows-based intranet, you might be able to
use Windows integrated security for database access. Integrated security
requires:
a.. That SQL Server be running on the same computer as IIS...... "
I can't believe that someone from MS actually wrote this. Are they
mad?...IIS and SQL server on the same machine....hackers paradise! Appart
from being plain dangerous, it's bad networking practice, bad programming
practice...it's just bad.
Does anyone know if they are actually going to write something useful...or
are we stuck with forms authentication forever!?! Not that I'm complaining.
Cheers...P
I've been trying to get my intranet system to authenticate to SQL server
(2K) using a trusted connection for some time and have had to wait until we
upgraded to Active directory for kerberos to start working (I'm not 100%
sure it's kerberos so bear with me).
Now I've hit the final brick wall which means this isn't ever gonna happen
in the current setup. It finally twigged (dropped like a tonne of lead more
like) when I read in the help :
"If your application runs on a Windows-based intranet, you might be able to
use Windows integrated security for database access. Integrated security
requires:
a.. That SQL Server be running on the same computer as IIS...... "
I can't believe that someone from MS actually wrote this. Are they
mad?...IIS and SQL server on the same machine....hackers paradise! Appart
from being plain dangerous, it's bad networking practice, bad programming
practice...it's just bad.
Does anyone know if they are actually going to write something useful...or
are we stuck with forms authentication forever!?! Not that I'm complaining.
Cheers...P