SQL Server Compact merge replication with NT Authentication

Question

I am doing merge replication between SQL Server CE, 3.5 SP2 and SQL Server 2012 via IIS / Websync. Everything works perfectly when I use DB Authentication to connect with the publisher. If I switch it to NT Authentication, I get the following error in my script:

Initializing SQL Server Reconciler has failed. Try again.

...and the following error is logged on the IIS server sync log:

Command=SYNC Hr=00004818 Login failed for user 'domain\user. 18456

The reason I am trying to change this is because (and correct me if i'm wrong) I don't want to store the credentials in my sync script (powershell). I was hoping that if I was using NT authentication, it would use the credentials this script is running under in task scheduler - or whoever is running it manually. Basically, that is my goal - however it can be achieved - to not store creds in the script.

Answer 1

To use Windows authentication, you must use Basic auth on the IIS Server (maybe protect with SSL), but the client must suply a Windows username and password. You can then set PublisherSecurityMode to NTAuthentication and the Windows account wil then log on to the database server. So you must either store creds in the script or prompt the person running the script for credentials, and then set InternetLogin and InternetPassword properties accordingly.

Answer 2

The only way I got this to work is when I ran the wizard and chose "anonymous" for web access. Only then was I prompted to put in credentials which will be used for NT Auth (stored on the web server). This means that all clients connect anonymously and use the same creds for SQL. They cannot each have their own SQL credentials. They can, however, each have their own IIS credentials.