Last post Mar 20, 2014 10:54 PM by Terry Guo - MSFT
Mar 19, 2014 08:54 PM|oni-sys|LINK
ASP.NET 2.0 Custom Membership Provider Breaks After Deployment to IIS 7.5
I am developing a www site on a Win7 64, using VS2008 and a SQL2008 Server. It has a custom membership provider, which when I compile and run the site from VS2008, everything works fine.
The site when deployed to a 2003 64bit server, with a remote SQL2008 server also works fine.
I installed IIS 7.5 on the dev machine, made a copy of the site and mounted it in IIS7. When I start the site up, everything loads without errors. The site uses integrated windows security, which if the user is not in the provider database they get forwarded
to a not authorized page. I get forwarded to the not authorize page, not matter what I do to the configs.
I tried using the tips suggested here:
which didn't resolve the issue.
I have declared the applicationName in my provider, which is an issue people have had in the past with moving the sites to production.
Mar 20, 2014 10:54 PM|Terry Guo - MSFT|LINK
If your issue is with linked servers, you need to look at a few things.
First, your users need to have delegation enabled and if the only thing that's changed, it'l likely they do. Otherwise you can uncheck the "Account is sensitive and cannot be delegated" checkbox is the user properties in AD.
Second, your service account(s) must be trusted for delegation. Since you recetly changed your service account I suspect this is the culprit. (http://technet.microsoft.com/en-us/library/cc739474(v=ws.10).aspx)
You mentioned that you might have some SPN issues, so be sure to set the SPN for both endpoints, otherwise you will not be able to see the delegation tab in AD. Also make sure you're in advanced view in "Active Directory Users and Computers."
If you still do not see the delegation tab, even after correcting your SPN, make sure your domain not in 2000 mode. If it is, you can "raise domain function level."
At this point, you can now mark the account as trusted for delegation:
In the details pane, right-click the user you want to be trusted for delegation, and click Properties.
Click the Delegation tab, select the Account is trusted for delegation check box, and then click OK.
Finally you will also need to set all the machines as trusted for delegation.
Once you've done this, reconnect to your sql server and test your liked servers. They should work.
Hope it helps.