I've been going nuts over this issue:
I have three servers (THUNDERBOLT which is the SQL Server, TOMCAT which is
the IIS server and PANTHER which is a terminal server) with SQLXML 3.0
installed on TOMCAT. I have setup a virtual template directory and can
execute a template query from IE on TOMCAT with SQL XML configured to use
integrated security. However, when I use the same URL from PANTHER, I get
'The page cannot be found'. However, if I configure SQL XML to use sa
instead of integrated security then the template query works from either
machine ok. My question is why can't I use integrated security for SQL XML
and connect from a non-local machine? (I'm using the same domain login in
both cases and the user is a domain admin) Another possible factor in this
is the fact that I'm also using a host-header with the web, but I don't
think that should matter-right?
Any suggestions would be greatly appreciated. Thanks.
When you say Integrated security, do you mean that you're trying to use the
caller's credentials (i.e. impersonation/delegation) or are you using the
same Windows account for all callers (i.e. a trusted service account)? If
the former, you're hitting problems because delegation (i.e. impersonation
across 2 physical machines) is not permitted by default - you'd need to
configure the computer and users to be trusted for delegation in A.D (search
for "delegation" in TechNet for details - it's not for the faint hearted
though!). You'll also lose out an performance gains from connection pooling.
All in all, in most cases you're better using a single Windows account for
all callers.
Hope that helps!
G
--
Graeme Malcolm
Principal Technologist
Content Master Ltd.
www.contentmaster.com
"Elmer Miller" <millere@.empireco.nospam> wrote in message
news:eCeGXS7sEHA.2688@.TK2MSFTNGP14.phx.gbl...
I've been going nuts over this issue:
I have three servers (THUNDERBOLT which is the SQL Server, TOMCAT which is
the IIS server and PANTHER which is a terminal server) with SQLXML 3.0
installed on TOMCAT. I have setup a virtual template directory and can
execute a template query from IE on TOMCAT with SQL XML configured to use
integrated security. However, when I use the same URL from PANTHER, I get
'The page cannot be found'. However, if I configure SQL XML to use sa
instead of integrated security then the template query works from either
machine ok. My question is why can't I use integrated security for SQL XML
and connect from a non-local machine? (I'm using the same domain login in
both cases and the user is a domain admin) Another possible factor in this
is the fact that I'm also using a host-header with the web, but I don't
think that should matter-right?
Any suggestions would be greatly appreciated. Thanks.
|||OK, since I am faint-hearted, I gave up on trying to use the callers
credentials and went with a single SQL account. I found that this works well
enough for my purposes. Thanks.
"Graeme Malcolm" <graemem_cm@.hotmail.com> wrote in message
news:uHtW8kGtEHA.2596@.TK2MSFTNGP15.phx.gbl...
> When you say Integrated security, do you mean that you're trying to use
> the
> caller's credentials (i.e. impersonation/delegation) or are you using the
> same Windows account for all callers (i.e. a trusted service account)? If
> the former, you're hitting problems because delegation (i.e. impersonation
> across 2 physical machines) is not permitted by default - you'd need to
> configure the computer and users to be trusted for delegation in A.D
> (search
> for "delegation" in TechNet for details - it's not for the faint hearted
> though!). You'll also lose out an performance gains from connection
> pooling.
> All in all, in most cases you're better using a single Windows account for
> all callers.
> Hope that helps!
> G
> --
> --
> Graeme Malcolm
> Principal Technologist
> Content Master Ltd.
> www.contentmaster.com
>
> "Elmer Miller" <millere@.empireco.nospam> wrote in message
> news:eCeGXS7sEHA.2688@.TK2MSFTNGP14.phx.gbl...
> I've been going nuts over this issue:
> I have three servers (THUNDERBOLT which is the SQL Server, TOMCAT which is
> the IIS server and PANTHER which is a terminal server) with SQLXML 3.0
> installed on TOMCAT. I have setup a virtual template directory and can
> execute a template query from IE on TOMCAT with SQL XML configured to use
> integrated security. However, when I use the same URL from PANTHER, I get
> 'The page cannot be found'. However, if I configure SQL XML to use sa
> instead of integrated security then the template query works from either
> machine ok. My question is why can't I use integrated security for SQL XML
> and connect from a non-local machine? (I'm using the same domain login in
> both cases and the user is a domain admin) Another possible factor in this
> is the fact that I'm also using a host-header with the web, but I don't
> think that should matter-right?
> Any suggestions would be greatly appreciated. Thanks.
>
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment