views:

142

answers:

2

When I set trust connection = yes in my web.config, what user account does it use?

Is it the 'NT AUTHORITY\NETWORK SERVICE'?

Because I under security in Sql management, I see: NtAuthority/System only??

A: 

It will use the credential of the currently logged in user. The reason you see NETWORK Service is because IIS app pools (by default) runs as that account.

jons911
+2  A: 

It uses the user that your Application Pool is running as, the default being 'NT AUTHORITY\NETWORK SERVICE'

The title of the question should be "What user account will ASP.NET use when I connect to SQL Server using trusted___connection". Trusted_connection uses the current process' (or impersonated) credentials.

Your .NET code runs inside the Application Pool. You can configure the user account the Application Pool runs under within IIS configuration. Best practices is to run your Application Pool under a restricted user account, and grant that user login to the database.

Don't confuse this with the IIS Anonymous User default account, the account the IIS service is running as or the IIS Security tab on the website settings. You can set your web application to impersonate (run as) the user that IIS authenticates them as (See Impersonation in the ASP.NET doco).

Rob

Robert Wagner