I have recently been working on an ASP.NET project for a client. The project was to migrate the database from the old Oracle database to a new SQL Server 2008 database. The migration went well and most of the procedures did not take too long to fix. However, we are now having a problem. Up until now we have been using SQL Server authentication and using a username and password to access the database from the .NET code. The connection string is shown below:
<add key="DatabaseConnectionString" value="Data Source=DATASOURCE;Initial Catalog=DATABASE;User Id=USERID;Password=PASSWORD;"/>
This was working fine; however, recently I have received an email from the client saying:
“Instead of using a local SQL account for the .NET app to access the database could you please use an Active Directory account. In the web.config it will say <domain name>/<username> rather than just <username>.”
What I am confused about is:
Do I have to change the Authentication mode within SQL Server to Windows Authentication?
Does the client mean to change it from <username> to <domain>/<username> or the other way round?
Whereabouts in the web.config do I need to make this change to the username? Is it in the connection string?
Any help on this would be great.
Also, I'm not sure if you would need to know this, but I have added it anyway…
This is the Authentication section of the web.config:
<identity impersonate="true"/>
<authentication mode="Windows"/>
No, because Windows Authentication is always enabled. However, disabling SQL Server Authentication is a good practice.
No. This is not only about adding the domain name. You need to authenticate the user against Active Directory and use delegation for the SQL connection. To use the Windows account, you need to decide whether you want a specific account to access SQL Server, or the web site's logged-in user account.
I think the first way is almost always better. For that you need to delete the user id and password from the connection string and replace them with “Integrated Security=SSPI”, and set the application pool identity to the Active Directory user account. In SQL Server you need to give this account the right to do what you need.
For the second way, you need Windows authentication for users in your web site, and use delegation for the connection. I don’t know if impersonation is enough for that.
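An added example, not part of the original posts: a Python sketch that applies the first approach from the answer to a web.config, removing the embedded SQL credentials and substituting Integrated Security=SSPI. The sample config is constructed from the fragments quoted in the question, and the function names are hypothetical; it also reports impersonate="true", because with impersonation on the connection is made as the impersonated caller rather than the application pool identity.

```python
import xml.etree.ElementTree as ET

# Connection-string keywords that carry SQL Server authentication credentials.
CREDENTIAL_KEYS = {"user id", "uid", "user", "password", "pwd"}
TRUSTED_KEYS = {"integrated security", "trusted_connection"}

# Constructed sample, assembled from the web.config fragments in the question.
SAMPLE = """<configuration>
  <appSettings>
    <add key="DatabaseConnectionString" value="Data Source=DATASOURCE;Initial Catalog=DATABASE;User Id=USERID;Password=PASSWORD;"/>
  </appSettings>
  <system.web>
    <identity impersonate="true"/>
    <authentication mode="Windows"/>
  </system.web>
</configuration>"""

def to_integrated(conn_str):
    """Drop embedded credentials and request Windows authentication instead.
    Assumes unquoted values without ';' (a simplification for this example)."""
    kept, removed = [], []
    for part in filter(None, (p.strip() for p in conn_str.split(";"))):
        name = part.split("=", 1)[0].strip()
        if name.lower() in CREDENTIAL_KEYS:
            removed.append(name)
        elif name.lower() not in TRUSTED_KEYS:
            kept.append(part)
    return ";".join(kept + ["Integrated Security=SSPI"]) + ";", removed

def migrate(config_xml):
    """Return (rewritten web.config text, findings) for every <add> entry."""
    root = ET.fromstring(config_xml)
    findings = []
    for add in root.iter("add"):
        attr = "connectionString" if "connectionString" in add.attrib else "value"
        value = add.get(attr, "")
        if "data source=" not in value.lower() and "server=" not in value.lower():
            continue  # does not look like a SQL Server connection string
        new_value, removed = to_integrated(value)
        if removed:
            add.set(attr, new_value)
            label = add.get("key") or add.get("name")
            findings.append(f"{label}: removed {', '.join(removed)}")
    for ident in root.iter("identity"):
        if ident.get("impersonate", "").lower() == "true":
            findings.append("impersonate=true: SQL login is the impersonated caller")
    return ET.tostring(root, encoding="unicode"), findings

if __name__ == "__main__":
    print(*migrate(SAMPLE), sep="\n")
```

The Windows account that ends up connecting still needs a login and permissions in SQL Server, as the answer says; the script only changes the config file.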