November 11, 2014 at 5:54 am
We have an off-shore team that uses workstations connected to their own company domain and they VPN to our network to access SQL Server. Currently, we have granted them access via SQL authenticated accounts. For security and management reasons, we want them to connect using our provided domain credentials.
They are able to access SQL Server by running SSMS with the 'runas' command and passing the /remoteonly switch.
The problem we are having is that we cannot seem to find a way to set the application pool security of IIS so they can run IIS as one of our domain accounts.
Is this possible? If so, what are the steps to make it happen?
TL;DR - How do I configure a workstation that is not connected to our domain but is VPN'd into our network so that the .net web application running through IIS will have access to SQL Server as a domain account that is on our domain?
Thanks in advance
November 11, 2014 at 6:05 am
I'm not sure that this is an SQL Server question, since your problem seems to be with running IIS. But if they are connecting to SQL Server through a web browser and IIS, they must have been logged into your Windows domain before they open the browser. Runas on the web browser could work.
But it seems to me that a better solution is that they log into a terminal server on your domain, or that you provide virtual machines joined to your domain. In the latter case, you could put the VPN connection on the VMs.
[font="Times New Roman"]Erland Sommarskog, SQL Server MVP, www.sommarskog.se[/font]
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply