MSSQL and PHP authentication.

[sanchez77]

Hey Everyone,

 

So I have two servers in my environment, one is a SQL 2008 server and one is a IIS 7.5 Web Server running PHP 5.3.8. I am able to connect to the SQL and query the database, but only if I give the anonymous user access to the database. When I remove the anonymous account from the database, I show a connection error on the page with the Anonymous account, as if it never impersonates the applciation pool identity or the user that logged into the application.

 

I have followed the instructions for fastcgi and IIS 7, http://learn.iis.net/page.aspx/246/using-fastcgi-to-host-php-applications-on-iis/ and I still can't connect to the database without enabling the anonymous user on the database.

 

cgi.force_redirect=0

cgi.fix_pathinfo=1

fastcgi.impersonate=1

fastcgi.logging=1

 

It should be noted that the web site does not allow anonymous user login, only windows authentication. That is why I feel it never impersonates the anonymous account.

 

Has anyone ran into this situation before, any suggestions for resolving this?

 

Thanks,

sanchez

 

[kicken]

What driver are you using in PHP to connect to sql server?  sqlsrv, mssql, odbc?

 

Can you just create a sql server account and connect that way rather than with windows authentication?  I've not attempted to connect via windows authentication using php before, not sure if it is possible.  I host using apache rather than iis on my dev machine so I just have a sql server account setup and use that.  Our production servers use IIS 7 but they also just use an sql server account rather than windows auth.

 

[sanchez77]

I am using sqlsrv, the latest driver for 5.3. I was hoping to use windows auth so that we didn't have to hard code the connect information to the sql server. Plus, the SQL server is currently only configured for windows authentication.

 

Is it possible to impersonate the windows account and connect to SQL.

 

Thanks,

sanchez