April 26, 2016 at 11:01 pm
When I try to query the linked server outside of IIS, from console application everything works fine without any additional configuration.
When I try to query the linked server from website hosted in IIS, I get the following error: Login failed for user 'DOMAIN\USER'. Obviously, I can "fix" this problem by adding that user to SQL Server, but why is it trying to access the SQL from user account and not from application's pool account? Why don't I get error Login failed for user 'IIS AppPool\MyApplicationPool'? Is there a way to force it to use application pool?
Obviously, I can't access the Linked Server data without giving that user a read permissions on the folder. If I give permissions to Everyone - it works. If I give permissions to Users - it works...but which user is accessing the linked server data? Is it the MSSQL user? Is it the DOMAIN\USER?
Is there a simple way to do the following: Force application in IIS to authenticate with IIS AppPool\MyApplicationPool instead of local account so that I can simply give the read permissions on the folder to that application pool.
If I somehow manage to force it to use the app pool and configure the required permissions, did I bypass the double hop problem? Is there a need for Kerberos delegation?
Thank you in advance.
Viewing 0 posts
You must be logged in to reply to this topic. Login to reply