Have a Win7 dev IIS machine with Classic ASP page(s); internal intranet kind of a thing.
The database (SQL Server) is on a corporate server
I am the admin on the Win7 dev machine, but not much control over the Database server.
We want to have a corporate domain user (logged in) hit the IIS server, and have access to the central database with the A/D user’s own login/network ID, so that they can see the database with row level security.
We do not know under what kind of security setting (as running under + which ID/Context) the corp SQL database server has. Everything is integrated with tight security under SSRS + Sharepoint, etc.
Here are the variables that I can play with:
IIS Application Pool…. .
a) NET Framework version ……(options from No Managed Code to .NET 4.0)
b) Pipeline mode – [Integrated or Classic]
WebSite Application or Virtual Directory:
a) Authentication - Anonymous (Enabled or Disabled?)
b) Lots of Modules (settings) [Native inherited] or Managed Inherited, etc.
c) Management: Configuration Editor
d) Physical [Local] Path Credentials Logon Type….(my user id or default = blank)
e) Security (Edit Permissions for the folder where the .ASP code is) …. Allow Read & execute, etc.
Users:
a) I have the ability to set users to anything on this machine…. MyUserId, IUSR, IIS_IUSRS, Guest, Domain User
Can anybody suggest a sure way of configuring the Win7 web server + its components, so that the web server accesses to the database via secured (Kerboros 3.0)[double hop thingy], so that the Database server does know which logged in user account is accessing to the data via the web server.