|Case Summary: Connecting to Remote SQL*Server Database
|Date Created: ||02/23/2001|
|Last Modified: ||02/23/2001|
|Problem Type: ||Problem Report|
When IIS and SQL Server are running on separate machines, the NT domain security
must be set up to allow named pipes connections between the two servers.
The NT user account under which IIS runs anonymous processes
(IUSR_servername is the default) must be registered on both the Web server and the
IUSR_servername must be a domain user and must have sufficient security
privileges to establish named pipe connections between the Web server and the SQL
For additional information, refer to the following Microsoft knowledge base articles
which explain important interactions between NT network domains, IIS, and SQL
Alternatively, you can modify the registry to run all applications as the system using
the following key:
Under W3SVC/Parameters, place the value CreateProcessAsUser as a
REG_DWORD and give it a value of 0. This causes CGIs to run with the
CreateProcess( ) API and run in the system context.
Note: This has serious security implications because CGI scripts will have much
greater access to the system than they normally would.