Windows Authentication requires:
- Installing a SQL Server instances
- Creating a new Domain Service Account
- Granting Access to SQL Server database
- Registering Service account to run IIS and ASP.Net
- Assigning account as Identity of Application Pool
For instructions on Creating the SQL account or Installing SQL Server see
Installing and Configuring SQL Server article.
Creating Domain Service Account
The account will need access to the application server and database server. Ensure password expiration is not enabled or the account could lock you out of Secret Server.
Granting Access to SQL Server database
- Connect to the Database instance using SQL Management Studio
- Right click on the Security node (Ensure this is the top most Security node under the instance and not under the database name itself)
- Select New > Login
- Enter the Login name with as Domain\Username
- Ensure Windows Authentication radio button is selected
- If you have already created the database, then under User Mappings select the database and grant dbOwner permission
- Or if you plan to have the Database created for you, Under Server Roles select dbcreator
- Click Ok
Registering Service Account to Run IIS and ASP.NET
Follow the instructions in
Running Secret Server Application Pool as a Service Account article.
Assigning account as Identity of Application Pool
- Open IIS (Run command inetmgr)
- Click the Application Pool Node
- Select Secret Server's Application Pool (Default would be SecretServerAppPool)
- On the Right panel, Click Advanced Settings...
- Scroll down to the Identity row under Process Model
- In the popup select Custom Account, then click Set
- Enter the user as Domain\Username, enter password
- Click Ok
- Recycle the application pool by clicking the Recycle.. button under Application Pool tasks
Article ID: 195, Created On: 11/8/2011, Modified: 1/6/2012