Hi,
I'm running a few machines on Windows Server 2008 R2. One is a domain controller, one is a database server, one VPN server, and a web server.
In order to provide Windows Authentication access to our SQL Server installation, I need to configure some user accounts in Active Directory. One of the 'users' that will be accessing the database is our Web Server itself. The Web Server service runs on
a Virtual Account. I'm not sure if SQL Server will accept the credentials of the Virtual Account.
So I've created a limited domain user account for the purpose, which the Web Server can use to impersonate as when accessing SQL Server.
However, since nobody needs to login to this limited user account that will just be used by one service to access another service behind the scenes, I want to prevent anybody from being able to use this account's credentials to login to any machine on the domain.
How can I do this?
OR, if anybody knows of a way to use the Virtual Account created by IIS7 to run its websites to connect to SQL Server directly, that would be great.