You've got at least 2 3 options here:
- Create an App Pool on your web server which runs as
domain/usr
and then assign your app to this app pool, and use integrated security. Your connection string will beData Source=dbServer01;Initial Catalog=POS123;Integrated Security=SSPI;
- i.e. drop the username and password - these are inherent in the AppPool's identity. - or (assuming Mixed Mode security is enabled) ask your DBA's to create a new SQL User (just called
usr
) with the same permissions asdomain/usr
and then change your connection string to standard security, withUser Id=usr
- If you enable impersonation (here and here), you can use the domain credential without changing the app pool identity. Note the point about securing cleartext passwords, and IME this typically also requires additional configuration to avoid the double-hop issue.