I have an intranet site I'm trying to setup to use Windows authentication and impersonate the user through to a remote SQL server. I've set these up in the past but the web server and SQL server have always been on the same box. I've scoured Google trying different settings but I either get a password prompt or a Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON' (the identity of the user is correct on the website, but it's not authenticating through to SQL because it thinks it's anonymous). Below is my setup so any insights are much appreciated.
Web.Config
<authentication mode="Windows" />
<authorization>
<allow users="*" />
</authorization>
<identity impersonate="true" />
IIS7
Anonymouse Authentication - Disabled
ASP.NET Impersonation - Enabled
Basic Authentication - Disabled
Forms Authentication - Disabled
Windows Authentication - Enabled
- Advanced Settings: Extended Protection=Off and Enable Kernal-mode authentication=Checked
- Providers: Negotiate and NTLM (I came across a blog to use Negotiate:Kerberos but that didn't work)
Connection String
SqlConnection m_oConnection = new SqlConnection("Data Source=" + ConfigurationServer + ";Failover Partner=" + ConfigurationServerFailover + ";Initial Catalog=Master;Trusted_Connection=Yes;persist security info=False;");
I came across another article and had the network administrator change the Active Directory record for the IIS server to say "trust this computer for delegation". Still a no go.
Is there a way for me to integrate security in an ASP.NET application using Windows authentication to a remote SQL server without a password prompt?
