Configure Windows authentication for SQL Server logon

This section relates to Microsoft Windows Server 2008 with Microsoft SQL Server 2012 Standard Edition and IIS 7.

To enable communication between SafeGuard Enterprise Server and SafeGuard Enterprise Database when using Windows authentication, the user must be made a member of Active Directory groups. Local file permissions must be adjusted, and the SQL user account must be populated to the Application Pool of the IIS.

  1. Select Start and then Run. Enter dsa.msc. Open the Active Directory Users and Computers snap-in.
  2. In the navigation tree on the left, expand the domain tree and select Builtin.
  3. Add the respective Windows user to the following groups: IIS_IUSRS, Performance Log Users, Performance Monitor Users.
  4. Exit the snap-in.
  5. On the local file system, in Windows Explorer, right-click the C:\Windows\Temp folder and select Properties. In Properties, select the Security tab.
  6. In Security, click Add, and enter the respective Windows user name in the Enter the object names to select field. Click OK.
  7. In Security, under Permissions click Advanced. In Advanced Security Settings for Temp dialog, on the Permission tab, click Edit. Then set the following permissions in the Object dialog to Allow: List folders / read data, Create files / write data, Delete.
  8. Click OK, exit Temp Properties and then Windows Explorer.
  9. Open Internet Information Services Manager.
  10. In the Connections pane on the left, select Application Pools of the relevant server node.
  11. From the Application Pools list on the right, select SGNSRV-Pool.
  12. In the Actions pane on the left, select Advanced Settings.
  13. In Advanced Settings, under Process Model, for the Identity property, click the ... button.
  14. In Application Pool Identity, select Custom account and click Set.
  15. In Set Credentials, type the relevant Windows user name in the following form: Domain\<Windows user name>. Type and confirm the respective Windows password and then click OK.
  16. In the Connections pane on the left, select the relevant server node and click Restart from the Actions pane.
  17. In the Connections pane on the left, under the relevant server node, under Sites, Default Web Sites, select SGNSRV.
  18. On the SGNSRV home page, double-click Authentication.
  19. Right-click Anonymous authentication and select Edit.
  20. For Anonymous user identity, select Specific user and check that the user name is IUSR. Correct it, if necessary.
  21. Click OK.

Additional configuration when using a Windows account for SQL Server logon is now completed.