With Windows authentication, the user credentials from the user running the CGI
gets passed to the IIS server. I have verified that this is working properly by
checking what the "effective" user is in the IIS server logs. This user also
has been configured to have rights on the SQL Server.
And yes, the script runs successfully if I run it from the IIS server machine.
________________________________
From: Roey Almog (Infoneto Ltd) <[email protected]>
To: Yossi Klein <[email protected]>; Perl in Israel <[email protected]>
Sent: Tuesday, January 24, 2012 4:51 PM
Subject: Re: [Israel.pm] Connecting through IIS to SQL Server with Windows
Authentication
Hi,
One thing I can think of (if I am not wrong):The CGI runs under the user of the
IIS (a special windows user) this user does not have permissions on the SQL
server
If you login to the 2003 server and try to run the script from the command line
does it login ?
The user you login with into windows needs to be a trusted user on the SQL
server so this thing will work
Roey
On Tue, Jan 24, 2012 at 4:08 PM, Yossi Klein <[email protected]> wrote:
I am trying to run a
Perl CGI script that connects to a SQL Server.
>
>Webserver = IIS 6.0 (running on MS Windows Server 2003 - SP2)
>
>SQL Server = Microsoft SQL Server 2008 (SP1) - 10.0.2531.0 (X64) Mar 29
>2009 10:11:52 Copyright (c) 1988-2008 Microsoft Corporation Enterprise
>Edition (64-bit) on Windows NT 6.1 <X64> (Build 7600: ) (running on MS
>Windows Server 2008 R2 Enterprise)
>
>Perl = ActiveState 5.8.3 (Yes, I know that there are newer versions, but I'm
>not in control of when upgrades happen and unless I have a good reason to
>upgrade, which of course also requires regression testing, I'd prefer not to).
>
>
>What I'm trying to do is to pass the Windows Authentication information to the
>SQL Server so
that the person running the CGI script has the appropriate permissions in the
db. The problem
is that the the auth information is not being pass through:
>
>The error I'm getting is:
>
>
>[Microsoft][ODBC SQL Server Driver][SQL
Server]Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. (SQL-28000)
>
>
>
>Does anybody have
any ideas or experience with this kind of set-up?
>
>
>Here's a test program that fails:
>
>##############
>use DBI;
>use CGI qw(:all);
>
>print "Content-type: text/html\n\n";
>print "<HTML>\n";
>
>my %attr = (PrintError => 0, RaiseError => 0, AutoCommit => 1);
>
>my $dsn =
> "DBI:ODBC:DRIVER=SQL Server;Trusted_Connection=Yes;APP=MyApp;SERVER=jacob";
>
>#$dsn =~ s/trusted_Connection=yes;/UID=sa;PWD=xxxxxx;/i;
>
>my $dbh = DBI->connect($dsn, undef, undef, \%attr);
>
>if (!defined $dbh)
> { $dbh = DBI->errstr; }
>
>print "$dbh\n";
>print "</HTML>\n";
>################
>
>
>If I comment out the line of code above that turns the connection into
>untrusted (and I fix the password, of course :-), the program successfully
>connects.
>
>
>Thanks,
>
>Yossi
>_______________________________________________
>Perl mailing list
>[email protected]
>http://mail.perl.org.il/mailman/listinfo/perl
>_______________________________________________
Perl mailing list
[email protected]
http://mail.perl.org.il/mailman/listinfo/perl
