>http://support.microsoft.com/default.aspx?scid=%2Fservicedesks%2Fwebcasts%2Fwc112001%2FWCT112001.asp
>

Cathi,

Do you know where I can get the slides that go along with this transcript?

Thanks,
BOb


>>I had all the settings configured as you suggested (on IIS and Web.Config) except for the Integrated Security setting. After confirming that all was as you suggested, I reinstalled my app on my webserver. Now I don't even get prompted for username/password when I connect to the server. So when I try to connect to my SQL database, it's trying to connect as 'NT AUTHORITY\ANONYMOUS LOGON'.
>>
>>"server=insert server name here;trusted_connection=yes;database=databaseNameHere;Integrated Security=SSPI;"
>>
>>Turns out it was caused by my checking the 'Integrated Windows Security' box on the IIS Directory Security dialog. The problem is that when I uncheck this box, the user has to log into the IIS box (and not the domain). I need them to log into the domain. We are going to have hundreds of users who will need Domain Accounts as well as local IIS accounts (a maintenance nightmare). Also, I need them to authenticate to the domain so that I can get information about their groups.
>>
>>I don't know enough about NT security to make any decisions. I will try to make it through the paper you suggested (there's alot of information there!). I think I'll try to find someone who might be willing to do some security consulting work (any recommendations/ideas?) to make sure I architect the solution to meet our strict banking security and business needs.
>>
>>m