this will work for one of my web sites, but for another I need to allow access to only specific users. the user have SQL accounts on the SQL server and they need to use these accounts when they log on to the web site. >>> josephk@xxxxxxxxx 6/24/2004 12:57:01 AM >>> http://www.ISAserver.org Hi Nathan, What you need to do on the web server. On the NIC that is on the web server make sure that you allow for hosts files to be used. The reason I do this is because my web server in the DMZ is not located in any domain and I want to create an odbc driver that points to my SQL machine behind my second ISA box. Then you need to create a user on the web machine i.e. WEBPERSON and for each web that You allow access to change the default security and user to the WEBPERSON name that you Created on the web machine. That will allow you to use a trusted connection from the Web site to the backend sql box. On the SQL machine behind your ISA box, create the same local user WEBPERSON with the Same password that you had on the web machine. Assign that person as a user to the SQL box. If the users only need web access create a read only view on the data and Present that to the users from the web page. This set up will allow you to have external web users read the web page and Having it populate data from your SQL machine. If you need some additional written instructions, I could put some together for you And have them posted maybe out on ISASERVER.ORG Thank you, Joseph -----Original Message----- From: nathan [mailto:ncasey@xxxxxxxxxxxxxxxxx] Sent: Wednesday, June 23, 2004 5:36 PM To: [ISAserver.org Discussion List] Subject: [isalist] Authentication http://www.ISAserver.org With server publishing, if I publish a SQL server do I also now set the web app to point to the ISA server as the location of the SQL server? If so, does the ISA server forward the request to the SQL server with the username and password of the user (original requester)? We have a internet website that allows employees to search a records DB containing real estate info from the internet (https://www.sonoma.com/webapp). The users that access this page have only read access to the table containing the info. When the user accesses the page they are prompted for a username and password to access the information (SQL Authentication). Internet Router (Public IP) | | PIX FIREWALL | | Web server | | PIX FIREWALL *internal Network* | | ISA SERVER | | SQL SERVER ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: josephk@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: ncasey@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist