HOWTO: IIS and SQL Server on Separate Machines with Trusted Connection

ID: Q176379


The information in this article applies to:
  • Microsoft Active Server Pages, versions 1.0, 1.0b
  • Microsoft SQL Server version 6.5
  • Microsoft Internet Information Server versions 3.0, 4.0, 5.0


SUMMARY

Microsoft SQL Server 6.5 can be used with Active Server Pages (ASP) and Internet Information Server 3.0 (IIS). When SQL Server is configured for Mixed or Integrated Security, certain configuration changes must be made to enable ASP to connect to SQL Server via a trusted connection. This article describes these changes and how to set up Internet Information Server to properly connect to SQL Server over a trusted connection.


MORE INFORMATION

In order for ASP scripts to make a trusted connection to SQL Server using ActiveX Data Objects (ADO), the users must be authenticated when they browse the Web page making such a connection. If you force the users to authenticate themselves via Basic authentication, IIS has all information required to make the trusted connection to SQL Server. If any other authentication method is used (NT Challenge/Response or Anonymous), IIS is not be able to make this connection.

NOTE: Using Basic authentication may compromise security on your Web server. Basic authentication transmits passwords over the network BASE64 encoded. This encryption is available publicly and can be used to decipher passwords. This means that anyone able to use a network sniffer to watch network transmissions will be able to decipher passwords sent via Basic authentication.

Use the following steps to enable Basic authentication and disable other methods:

  1. Click Start menu.


  2. Select Programs.


  3. Select Microsoft Internet Server.


  4. Select Internet Service Manager.


  5. Double-clickthe computer name for the WWW Service. This opens the Properties window.


  6. On the Service tab of the tabbed dialog box there's a section marked Password Authentication. In this section clear the Allow Anonymous and the Windows NT Challenge/Response check boxes.


  7. Select the Basic (Clear Text) check box.


  8. Click OK.


Change in the authentication methods will be effective immediately, and does not require the stopping of the WWW Publishing service.


REFERENCES

For additional information, please see the following article(s) in the Microsoft Knowledge Base:

Q176377 INFO: Accessing SQL Server with Integrated Security from ASP

For the latest Knowledge Base artices and other support information on Visual InterDev and Active Server Pages, see the following page on the Microsoft Technical Support site:
http://support.microsoft.com/support/vinterdev/

(c) Microsoft Corporation 1997, All Rights Reserved. Contributions by
Paul Enfield, Microsoft Corporation

Additional query words:

Keywords : kbASP kbSecurity kbSQLServ kbWebServer kbGrpASP kbiis300 kbiis400 kbiis500
Version : winnt:3.0,6.5
Platform : winnt
Issue type : kbhowto


Last Reviewed: December 20, 1999
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.