0

Using sql 2008, and IIS 7. It seems no matter what I do that IIS uses the apppool to connect to the SQL server. I even fully qualify the username and password in the connection string in the web.config.

How do I turn this off!?!?

<add connectionString="Data Source=db;Failover Partner=db1;Initial Catalog=Cata;User Id=DOMAIN\Test;Password=111111;Trusted_Connection=Yes;" name="LocalSqlServer" providerName="System.Data.SqlClient" />

But it still connects as the specified account that I have selected for that websites IIS user.... this is killing me. Is there something else in the web.config to turn that off?

From comments below, i'm using AD groups for connection in SQLServer, if i turn off trusted connection SQL will not authorize the user.

  • You need to turn off the 'Trusted Connection' value: http://stackoverflow.com/questions/1250552/what-is-a-trusted-connection – Andrew Barber Mar 08 '13 at 21:19
  • @AndrewBarber I can't because i'm using AD groups to connect, and if you dont specifiy trusted connection then they cant connect –  Mar 08 '13 at 21:27

2 Answers2

1

Trusted_Connection=Yes tells it to use integrated authentication, i.e. the app pool identity. Take that out or set it to No.

Fls'Zen
  • 4,594
  • 1
  • 29
  • 37
  • 2
    A bit of trivia; All these values are valid for that setting: `yes` `no` `true` `false` `on` `off`. – Andrew Barber Mar 08 '13 at 21:20
  • I can't because i'm using AD groups to connect, and if you dont specifiy trusted connection then they cant connect –  Mar 08 '13 at 21:27
  • @Mike Then you need to set the AppPool to use an appropriate AD account. – Andrew Barber Mar 08 '13 at 21:28
  • @AndrewBarber then that would defeat the purpose of having users login through a website and being able to see what each user is doing. When the users come through the apppool all i see is the webserver or that specific name –  Mar 08 '13 at 21:29
0

Try using Integrated Security=False in the connection string.

Travis G
  • 1,592
  • 1
  • 13
  • 18
  • I can't because if you connect with a user and the connection is based on AD groups then you must specify the connection to use Intergated Security = True; –  Mar 08 '13 at 21:32
  • Have you tried Setting the application pool your application is using to run as the user you wish to connect to the DB as? – Travis G Mar 08 '13 at 21:50
  • Travis - I want to be able to connect as 100 users, thats the whole reason why I setup AD groups instead of user accounts. –  Mar 08 '13 at 21:53