Connection string with password or impersonation RRS feed

  • Question

  • Which is the best solution for a program which runs as networkservice (or defined user) and needs to be connected to a database as a specific user:

    DbConnection ConnectionString with username and password
    Impersonate Windows Identity just before running the query

    Keep in mind security is important in my case.


    • Moved by Bob Beauchemin Wednesday, September 8, 2010 6:10 PM Moved to a more relevent forum (From:.NET Framework inside SQL Server)
    Wednesday, September 8, 2010 2:04 PM


All replies

  • Pablo Castro [MS] answered on this:

    When you specify "integrated security=true" in the connection string, you're
    asking SqlClient to pick up the Windows identity from the calling thread and
    use that to authenticate against the server.

    The Windows identity cannot be specified in the connection string, only SQL
    auth logins can go there.

    If you need to use a different account, you'll have to "impersonate" that



    • Marked as answer by liurong luo Friday, September 10, 2010 8:07 AM
    Thursday, September 9, 2010 10:03 AM
  • Hello,

    Thanks for sharing the solution, it definitely benifits the community members!

    Have a nice day!

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have any feedback, please tell us.
    Welcome to the All-In-One Code Framework!
    Friday, September 10, 2010 8:07 AM