> Im creating an asp.net/sql server app; Id prefer to use a sql server
> account to maximize connection pooling, our security guy wants
> integrated security.  We've reached an agreement where I can use a
> single account as long as its a domain account, but Ive been unable to
> figure out how to do so (if its even possible). Im thinking I either
> need to use integrated security but force sql server to use a single
> account, or use a regular connection string, naming the domain account
> and password with Integrated Security=false.

You could either:
Set the account that ASP.NET uses (not great because it will affect all
ASP.NET applications), or use impersonation [1]

Now the problem is of course that you have to store the domain username
and password somewhere
(At least with a SQL Server user the account info would only allow
someone access to SQL Server and was so easier to lock down)

Chris

[1] http://msdn.microsoft.com/en-us/library/aa292118(VS.71).aspx

===================================
This list is hosted by DevelopMentor®  http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com