locked
setup WFE in DMZ using SQL authentication RRS feed

  • Question

  • Scenario :

    I have a internet facing MOSS 2007 portal. I want to put WFE in DMZ, while SQL Server in Corporate Network. For security reason, I cannot have domain trust from DMZ to Corporate Network.

    The way Microsoft presents - using SQL Authentication from WFE to SQL Server, when installing and configuring MOSS.

    Question :

    1. Has anyone implemented this SQL Authentication method, is it possible at all?

    2. If the service accounts for configuring WFE are SQL accounts , can the corporate users still sign in using there Windows Credentials ?

    Thank you in advance for any advice!


    -Bin
    Thursday, January 6, 2011 9:01 PM

Answers

  • Hi,

     

    According to your description, I think you can use SQL authentication to achieve it. However bear in mind that the SQL UserId and Password is passed over the network (and stored) in plain text so you should look to mitigate that risk.
    In addition, the link VJ found is perfect, I suggest you should refer to it.

    I hope it can help you a little.
    Best regards,
    David Hu

     

    • Marked as answer by Peng Lei Friday, January 14, 2011 2:09 AM
    Monday, January 10, 2011 2:19 AM

All replies

  • hey bin

    Check this out

    http://support.microsoft.com/kb/932376

     

    Cheers

    VJ

    Friday, January 7, 2011 1:48 AM
  • It is definitely possible to implement SQL authentication. You will have provide the SQL authentication details when you are configuring your farm.

    In case of a custom implementation, make sure sql authentication connection strings are used in the web.config.

    In order for your corporate user to sign in using Windows Credentials, you will have to set the authentication providers for the web application appropirately (NTLM/Kerberos).

    Thanks,
    Dip

    Friday, January 7, 2011 4:48 AM
  • Hi,

     

    According to your description, I think you can use SQL authentication to achieve it. However bear in mind that the SQL UserId and Password is passed over the network (and stored) in plain text so you should look to mitigate that risk.
    In addition, the link VJ found is perfect, I suggest you should refer to it.

    I hope it can help you a little.
    Best regards,
    David Hu

     

    • Marked as answer by Peng Lei Friday, January 14, 2011 2:09 AM
    Monday, January 10, 2011 2:19 AM