Apr 04, 2017 05:29 PM|PatriceSc|LINK
This not just linked server. If you want to access to another server than the web server with the impersonate account you have to explicitely allow that (else by default you could just impersonate anyone on a company server to access to whatever you want
using the user credentials).
To clarify the current situation I would :
- create a test page to see how the user is seen on the web server (IsAuthenticated, Identity.Name, AuthenticationType etc...) to make sure it works between the browser and the server
- then from doing a test from the web server to SQL Server (for now I asume this is the step that fails):
Of course make 100% sure you have no way around using the actual user identity to connect to SQL Server. If not don't use integrated security to connect for now to SQL Server (also make sure impersonation is needed ie if you have AD groups on the web site
it will be still used (you could also use Authorize attributes) even if the user is not impersonated ie "who is connected to the site" and "Under which account the server side code runs" are two separate and independent concepts.