All geek questions in one place

The classic ASP page represents NT AUTHORITY \ ANONYMOUS LOGON

We have a classic ASP application. I am trying to clone it on the same server with the same IIS7 instance, so we have a dev version. I copied the files and duplicated all the configuration that I can find in IIS Manager.

The problem is access to the database. The new copy uses the same application pool as the old one and the same connection string, but when I create ADODB.Connection and call conn.Open(str) with the same old connection string, throws "Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'." .

This is not the user account used by the application pool, but it does not seem to matter.

 "Provider=SQLOLEDB;Data Source=OURSVR;Initial Catalog=OURDB;Integrated Security=SSPI;"

So: How to make Classic ASP impersonate a user account other than NT AUTHORITY\ANONYMOUS LOGON ?

+2
source share
1 answer

An anonymous user id is what counts. Therefore, you must do it right. In this case, the application pool has an identifier that I want to use for the application, but this application did not actually use it.

In IIS Manager for IIS7, left-click on the application in the tree and click on the "Properties" tab at the bottom of the middle pane.

In the "IIS" section (I selected "Area" in the "Group By:" drop-down list in this area), find "Authentication" (or "Authentic ..." if the listview doesn't have focus).

Double click on it. "Anonymous authentication" must be enabled (it was).

Right-click "Anonymous Authentication" and select "Change ..." from the context menu.

Change "Anonymous User ID": from "Specific User:" ("IUSR") to "Application Pool Identifier" and click "OK."

Restart the web server.

+8
source

Source: https://habr.com/ru/post/1439778/

More articles:


All Articles