[thelist] IIS & OLEDB
Joel D Canfield
joel at spinhead.com
Fri Jan 2 15:17:07 CST 2004
> I've got an intranet page that connects to my SQL server, and I'm
trying
> to force it to use NT Authentication when it does.
>
> <snippage />
>
> Microsoft OLE DB Provider for SQL Server error '80040e4d'
>
> Login failed for user 'IUSR_COMPUTERNAME'.
>
> Why isn't it passing MY user id? Why is it trying to use the
anonymous
> IUSR id?
'cause NT authentication doesn't actually know your username and
password when it talks to the SQL server.
Huh?
Okay, when you log into the intranet, your machine knows your auth info
just long enough to verify it with the domain. After that, while it
knows you're authenticated, it *doesn't store* your auth info. So, when
you try to touch other domain resources, that resource asks for your
auth info, and your machine says, "I dunno, but he's authorized. Trust
me." The other machine doesn't accept that answer. It wants a real
username and password.
Here's the trick: set the auth type for the intranet page in question to
BASIC. Yes, you'll get the warning that auth info will be sent in clear
text. Unless you've got hackers with packet sniffers *on* your network,
no fear.
Now, when you log in, you'll get the same challenge, but the username
and password are available to the intranet page to pass along to other
domain resources like the SQL server.
joel
More information about the thelist
mailing list