High Isolated Permission level in IIS 5.0

Hi,

I made my application in IIS as High(Isolated). In component services
the application is running under the default account IWAM_ComputerName
as we know. I need to change the account to a custom account. I did
through the property box "identity" tab in component services and
configured my custom account for my application. But again i am not
able to access the database through the application while i can access
the application. The account i am using have required access to the
database also. Did i missed out something?

What i can find the user id is passed as null to the database while
connecting it and i am not specifying any account info in connection
string as i am using Integrated Security=SSPI in connection string.

Pls advise me.

Regards,
Satheesh

Re: High Isolated Permission level in IIS 5.0

You need to remember that ASP has the default (and hardcoded) behavior
of impersonating the authenticated account, which means that although
you changed the account under which the process is executing
(DLLHOST.exe) ASP always impersonates the account in the executing
thread.

The issue with this is that you have two options:
- you perform delegation (there are several threads on how to do this)
- you create a COM object to abstracts the database access, set it up
on server package in COM+ and call it from your ASP page.

Anyway, in a good design, an ASP page should not access the database
directly. There should always be a business model between the
presentation model and the data model.

Tiago Halm