We are excited to announce that the IIS.NET Forums are moving to the new Microsoft Q&A experience. Learn more >

W2003 and IIS 6RSS

1 reply

Last post May 18, 2004 09:23 AM by tomkmvp

  • W2003 and IIS 6

    May 17, 2004 05:37 PM|thenetrealtor|LINK

    Working on securing a setup under IIS 6.0, Sql Server, asp 1.1 It seems that the default ASP.NET account is NT AUTHORITY\NETWORK SERVICE by default rather than ASPNET. What I have read recommends creating a least provileged account for ASP.NET to run under and then encrytpinf the password and storing it in the registry. I have tried this but cannot seem to get it to work. Complains about not being able to read the registry. I have been using the IIS account, IUSR_machine and setting impersonate to true to work my way through IIS, ASP.NET and the finally onto the SQL Server by adding this account to the server and setting all access. This has worked up until I tried to access the db from the Application_Start event, when I get back an error relaying the the SQL Server login failed for NT AUTHORITY\NETWORK SERVICE. This error only occurs within the Application_Start. So now I am back to square one and trying to determine how best to secure my IIS-ASP.NET-SQL Server connections. I was hoping to hear some experiences and/or recommendations form other who have gone thru this as well. Thanks in advance
  • Re: W2003 and IIS 6

    May 18, 2004 08:39 AM|tomkmvp|LINK

    Start here: http://support.microsoft.com/default.aspx?scid=kb;en-us;815154&Product=aspnet http://support.microsoft.com/default.aspx?scid=kb;en-us;316989&Product=aspnet