My environment: IIS7.5 on Win7, SQL Server 2008R2 on Win2008R2, VS2010, ASP.NET 4.0
My Scenario:
I have an intranet website running under IIS. The site requires access to a SQL Server database on a different server.
The site Authentication has "Windows Authentication" and "ASP.Net Impersonation" enabled.
The site uses an Application Pool with ".NET Framework Version" = "v4.0", "Managed Pipeline Mode" = "Integrated" and "Identity" ="ApplicationPoolIdentity".
The database connection string is "Data Source=RSDXTST01.RESOLUTEENERGY.COM;Initial Catalog=ResoluteIntranet_Test;Trusted_Connection=yes".
My Issue:
When I inherited responsibility for this website there was a Sql Server Login "NT AUTHORITY\ANONYMOUS LOGON" with "public" and "sysadmin" server roles.
Our IT manager is uncomfortable with this login being in a sysadmin role. He's also uncomfortable with coding credentials into connection strings. He suggested that I create a special domain user in Windows with appropriate permissions, but how do I get IIS to attempt connecting to the database using this account instead of "NT AUTHORITY\ANONYMOUS LOGON"?