HOWTO: IIS and SQL Server on Separate Machines with Trusted Conn

 Last reviewed: December 11, 1997
Article ID: Q176379
The information in this article applies to:
  • Microsoft Active Server Pages, versions 1.0, 1.0b

SUMMARY

Microsoft SQL Server 6.5 can be used with Active Server Pages (ASP) and Internet Information Server 3.0 (IIS). When SQL Server is configured for Mixed or Integrated Security, certain configuration changes must be made to enable ASP to connect to SQL Server via a trusted connection. This article describes these changes and how to set up Internet Information Server to properly connect to SQL Server over a trusted connection.

MORE INFORMATION

In order for ASP scripts to make a trusted connection to SQL Server using ActiveX Data Objects (ADO), the users must be authenticated when they browse the Web page making such a connection. If you force the users to authenticate themselves via Basic authentication, IIS has all information required to make the trusted connection to SQL Server. If any other authentication method is used (NT Challenge/Response or Anonymous), IIS is not be able to make this connection.

NOTE: Using Basic authentication may compromise security on your Web server. Basic authentication transmits passwords over the network BASE64 encoded. This encryption is available publicly and can be used to decipher passwords. This means that anyone able to use a network sniffer to watch network transmissions will be able to decipher passwords sent via Basic authentication.

Use the following steps to enable Basic authentication and disable other methods:

  1. Click the Start menu.

  2. Select Programs.

  3. Select Microsoft Internet Server.

  4. Select Internet Service Manager.

  5. Double-click on the computer name for the WWW Service. This opens the Properties window.

  6. On the Service tab of the tabbed dialog box there's a section marked Password Authentication. In this section clear the Allow Anonymous and the Windows NT Challenge/Response check boxes.

  7. Select the Basic (Clear Text) check box.

  8. Click OK.

Change in the authentication methods will be effective immediately, and does not require the stopping of the WWW Publishing service.

REFERENCES

For additional information, please see the following article(s) in the Microsoft Knowledge Base: 

   ARTICLE-ID: Q176377
   TITLE : INFO: Accessing SQL Server with Integrated Security from ASP
For the latest Knowledge Base artices and other support information on Visual InterDev and Active Server Pages, see the following page on the Microsoft Technical Support site: 

   http://support.microsoft.com/support/vinterdev/
(c) Microsoft Corporation 1997, All Rights Reserved. Contributions by Paul Enfield, Microsoft Corporation 
Keywords          : AXSFCompADO AXSFDataBase AXSFSQL
Technology        : kbInetDev
Version           : WINNT:1.0,1.0b
Platform          : winnt
Issue type        : kbhowto

================================================================================

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

Last reviewed: December 11, 1997
© 1998 Microsoft Corporation. All rights reserved. Terms of Use.