application pool running under network credentials

I created a domain user and added it to the IIS_WPG group on my IIS
6.0 box. IIS is running in worker process isolation mode. I created
an application pool and set the identity to the domain account. I
made a web site that hosts one page - a web service that makes an SQL
proc call. I set the application pool on my site to the newly created
app pool.

When I browse the web service, the page listing methods renders, but I
don't see a new w3wp.exe on the IIS box. Never shows up, no matter
what I do browsing the web service or submitting tests.

It's as if the site isn't running under the network account.

Furthermore, when I use the connection string

Data Source=dataserver;Initial Catalog=database;Integrated
Security=SSPI;

I get the error

Login failed for user '(null)'. Reason: Not associated with a trusted
SQL Server connection.

as if the context of the worker process couldn't be matched with a SQL
login.

What am I doing wrong here?

Thanks for you help!

Re: application pool running under network credentials

On Jan 17, 2:28=A0pm, jay.meerd...@gmail.com wrote:
> I created a domain user and added it to the IIS_WPG group on my IIS
> 6.0 box. =A0IIS is running in worker process isolation mode. =A0I created
> an application pool and set the identity to the domain account. =A0I
> made a web site that hosts one page - a web service that makes an SQL
> proc call. =A0I set the application pool on my site to the newly created
> app pool.
>
> When I browse the web service, the page listing methods renders, but I
> don't see a new w3wp.exe on the IIS box. =A0Never shows up, no matter
> what I do browsing the web service or submitting tests.
>
> It's as if the site isn't running under the network account.
>
> Furthermore, when I use the connection string
>
> Data Source=3Ddataserver;Initial Catalog=3Ddatabase;Integrated
> Security=3DSSPI;
>
> I get the error
>
> Login failed for user '(null)'. Reason: Not associated with a trusted
> SQL Server connection.
>
> as if the context of the worker process couldn't be matched with a SQL
> login.
>
> What am I doing wrong here?
>
> Thanks for you help!

I also used the policy editor to set for the domain account:

- Replace a Process Level Token (SeAssignPrimaryTokenPrivilege)
- Adjust Memory Quotas for a process (SeIncreaseQuotaPrivilege)
- Generate Security Audits (SeAuditPrivilege)
- Bypass Traverse Checking (SeChangeNotifyPrivilege)
- Access this computer from a network (SeNetworkLogonRight)
- Logon as a Batch Job (SeBatchLogonRight)
- Logon as a Service (SeInteractiveLogonRight)
- Allow Logon Locally (SeInteractiveLogonRight)

Re: application pool running under network credentials

On Jan 17, 2:28=A0pm, jay.meerd...@gmail.com wrote:
> I created a domain user and added it to the IIS_WPG group on my IIS
> 6.0 box. =A0IIS is running in worker process isolation mode. =A0I created
> an application pool and set the identity to the domain account. =A0I
> made a web site that hosts one page - a web service that makes an SQL
> proc call. =A0I set the application pool on my site to the newly created
> app pool.
>
> When I browse the web service, the page listing methods renders, but I
> don't see a new w3wp.exe on the IIS box. =A0Never shows up, no matter
> what I do browsing the web service or submitting tests.
>
> It's as if the site isn't running under the network account.
>
> Furthermore, when I use the connection string
>
> Data Source=3Ddataserver;Initial Catalog=3Ddatabase;Integrated
> Security=3DSSPI;
>
> I get the error
>
> Login failed for user '(null)'. Reason: Not associated with a trusted
> SQL Server connection.
>
> as if the context of the worker process couldn't be matched with a SQL
> login.
>
> What am I doing wrong here?
>
> Thanks for you help!

I've also put the domain account in local administrators on the IIS
box, in Domain Users, Domain Users & Domain Admins, and Domain Admins
alone.

Re: application pool running under network credentials

On Jan 17, 2:48=A0pm, jay.meerd...@gmail.com wrote:
> On Jan 17, 2:28=A0pm, jay.meerd...@gmail.com wrote:
>
>
>
>
>
> > I created a domain user and added it to the IIS_WPG group on my IIS
> > 6.0 box. =A0IIS is running in worker process isolation mode. =A0I create=
d
> > an application pool and set the identity to the domain account. =A0I
> > made a web site that hosts one page - a web service that makes an SQL
> > proc call. =A0I set the application pool on my site to the newly created=

> > app pool.
>
> > When I browse the web service, the page listing methods renders, but I
> > don't see a new w3wp.exe on the IIS box. =A0Never shows up, no matter
> > what I do browsing the web service or submitting tests.
>
> > It's as if the site isn't running under the network account.
>
> > Furthermore, when I use the connection string
>
> > Data Source=3Ddataserver;Initial Catalog=3Ddatabase;Integrated
> > Security=3DSSPI;
>
> > I get the error
>
> > Login failed for user '(null)'. Reason: Not associated with a trusted
> > SQL Server connection.
>
> > as if the context of the worker process couldn't be matched with a SQL
> > login.
>
> > What am I doing wrong here?
>
> > Thanks for you help!
>
> I've also put the domain account in local administrators on the IIS
> box, in Domain Users, Domain Users & Domain Admins, and Domain Admins
> alone.- Hide quoted text -
>
> - Show quoted text -

Stand down - I missed some of the policies. It's working fine now.