Wednesday, March 28, 2012

Restrict ASP.NET app DB permissions using Integrated Security

How might I Restrict ASP.NET app DB permissions using Integrated Security?

I can see how it's done with SQL Authentication, but I'd prefer to do it with Windows Authentication.

Is it a matter of restricting the permissions of the general ASP.NET user (“NT AUTHORITY\NETWORK SERVICE”)...seems like it might affect too much.

Or can I have a Windows user/identity/account that is specific to a single ASP.NET Application?

Any guidance on this would be appreciated.

Thanks!

You can assign a specific domain account to the application.

Check out using an 'Application Pool' for Web Security.

|||Bingo. Thanks!

No comments:

Post a Comment