Hello all,
Here is a question that has been bothering me a lot and I can't seem to get resolved.
I've got an IIS machine that runs an ASP.Net application. This application connects to a SQL server.
To avoid having usernames and passwords in the connection string, I've changed the Identification of the application pool to a user that has access to the SQL server, let's call is "Connector".
In this application I also perform LDAP authentication using the DirectorySearcher class.
Suddenly I realized that whenever I supply a fully qualified username to the DirectoryEntry object constructor (such as domain\username or username@domain) everything seems to work fine but whenever I only supply the username without the domain, it throws an exception.
As a bit of troubleshooting, I've changed the Identity of the application to NetworkService, and suddenly, all works fine, both with or without domain specification.
I've tried to look around a little bit and I don't get why this is happening.
The "Connector" user belongs to the "IIS_WPG" group, and he even is a local admin of the IIS machine...
I need to use the "Connector" user in the Identity.
Any ideas on how to go around this? And also quite nice to have, can someone explain to me why this is happening?
Thanks in advance,
Submit an article or tip