Problem Securing DB access

  • I am writing an ASP.NET app for our intranet. I am authenticating users in Active Directory and then redirecting them to the main page of the app, where they can run their queries etc. I set up a global security group on both the AD and SQL servers. I added one user (me) to the group in AD. When I test the login with a different user, one who should not have access to the SQL Server because he is not in the AD group, I can run the queries just the same. What do I need to change to permit only the group to be able to run queries?

  • Where are you running the .NET app? From your XP workstation? And I assume you are using integrated security in your connection string.

    Unless you turn on impersonation in the .NET app, the data access will always be under your logged-on desktop account. On the server, it will be under the Application Pool account set up for the website or virtual directory.

    You probably need to set up impersonation on your web application project.



    Mark

  • I had impersonation set to true, but it would not connect to the DB. When I tried impersonation set to False, I could connect to the DB, but I guess so can everyone.
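An added example, not part of the original thread: T-SQL that grants database access to a Windows group only, followed by a check, run over the application's own connection, of which account SQL Server actually sees, which is the point raised in the reply about the logged-on or Application Pool account. `CONTOSO\AppQueryUsers` and `AppDb` are placeholder names, not values from the thread.

```sql
-- Placeholder names (assumptions): CONTOSO\AppQueryUsers is the AD group,
-- AppDb is the application database.

-- 1. Give the AD group, and only the group, a login and read access.
USE master;
CREATE LOGIN [CONTOSO\AppQueryUsers] FROM WINDOWS;
GO

USE AppDb;
CREATE USER [CONTOSO\AppQueryUsers] FOR LOGIN [CONTOSO\AppQueryUsers];
EXEC sp_addrolemember 'db_datareader', 'CONTOSO\AppQueryUsers';
GO

-- 2. Run this through the web application's connection (integrated security).
--    login_seen_by_sql_server shows the account the query really runs under:
--    the end user if impersonation reaches the database, otherwise the
--    desktop or Application Pool account.
SELECT SUSER_SNAME()                      AS login_seen_by_sql_server,
       ORIGINAL_LOGIN()                   AS original_login,
       IS_MEMBER('CONTOSO\AppQueryUsers') AS in_group;  -- 1 = member, 0 = not, NULL = group not resolved

-- 3. List every Windows user or group that has its own server login.
--    If the account returned in step 2 appears here (or is a sysadmin),
--    every visitor to the site shares that account's access, regardless
--    of AD group membership.
SELECT name, type_desc, is_disabled
FROM sys.server_principals
WHERE type IN ('U', 'G')      -- U = Windows login, G = Windows group
ORDER BY name;
```

If step 2 returns the same account for a user inside the group and a user outside it, the restriction is being bypassed at the web tier, not in SQL Server.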
