To use Kerberos authentication
All computers must be in the same Active Directory forest or in domains in separate forests with trust relationships.
You must configure the Web server or application server machine accounts in Active Directory for delegation. Alternatively, if your ASP.NET application runs under a specific custom domain account, you can configure the domain account for delegation.
IIS must be configured for Windows authentication, or for certificate authentication with certificate mapping.
You must enable impersonation in your applications Web.config (see "How to impersonate the original caller").
http://www.securityguidanceshare.com/wiki/ASP.NET_2.0_Security_Questions_and_Answers_-_Impersonation_/_Delegation
Check SPN
setspn -L Machine_Name
Setspn -A http/www.microsoft.com (DNS) webserver1 (NetBIOS Name) [this is the one I made Reporting service works]
Check IIS Authentication method:
cscript c:\InetPub\Adminscripts\adsutil.vbs get w3svc/NTAuthenticationProviders
Grant delegation permission to the SQL Server service account domain user account (if not using localSystem account)
How to use Kerberos authentication in SQL Server
http://support.microsoft.com/kb/319723/en-us
Subscribe to:
Post Comments (Atom)
Elevating LLM Deployment with FastAPI and React: A Step-By-Step Guide
In a previous exploration , I delved into creating a Retrieval-Augmented-Generation (RAG) demo, utilising Google’s gemma model, Hugging ...
-
Error 15401: Windows NT user or group '%s' not found. Check the name again. SELECT name FROM syslogins WHERE sid = SUSER_SID ('Y...
-
Finally, it is time. E4SE 811 and eBackoffice 736 will replace our current 810b/735a environment after staying so many years. Just got the n...
-
start /wait D:\Servers\setup.exe /qn VS=[VIRTUALSERVER] INSTANCENAME=[MSSQLSERVER] REINSTALL=SQL_Engine REBUILDDATABASE=1 ADMINPASSWORD=[CUR...
1 comment:
twi additional useful articles:
You receive an "HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials" error message when you try to access a Web site that is part of an IIS 6.0 application pool
http://support.microsoft.com/?id=871179
You receive error 401.1 when you browse a Web site that uses Integrated Authentication and is hosted on IIS 5.1 or IIS 6
http://support.microsoft.com/?kbid=896861
Post a Comment