I had posted this initially in the "Install It" forum but after thinking about it, it might be more well suited here in the AD forum.
I would like to thank the DNN community and associated developers out ther for creating such a robust and easy to use CMS. It will work wonderfully for us to use on our intranet is I can only get one more thing fixed!
My problem is that our system admins are very security aware. I have set up DNN to use AD authentication by removing the comment in the "web.config" file to read:
<add name="Authentication" type="DotNetNuke.HttpModules.AuthenticationModule, DotNetNuke.HttpModules.Authentication" />
As well as windows authentication by uncommenting:
<authentication mode="Windows" />
<identity impersonate="true" />
I have set up IIS to use windows authentication and turned off anonymous access. It is also configured as a web application and is using .NET 20. as well. We also have a working SPN between the web server and the SQL server. (We have other DB driven apps on the server that work just fine.)
The connection string is valid to the SQL server as it has worked in the past. To get it to work, I had to add the "DOMAIN\AspNet" account to the database. The SQL Admin doesn't approve of that and only wants domain users to have access.
It then appears that IIS processess the global.asax BEFORE it gets the web.config file. Therefore, the code in the App_code/global.asax.vb gets run under the ASP.NET worker service account credentials. The global.asax code is trying to verify the DNN database and needs to see if it exists. If the worker service is not listed in the database, I get the error:
Login failed for user 'DOMAIN/dnn_svc' ...
My issue is that I need to only use the logged in user credentials. Has anyone figured out how to use integrated security and not have a hard coded password? HELP, please?!
Thanks in advance,
- Todd