All,
First let me explain My Application's deployment scenerio.
My Application server is on win2003 + IIS6.0.
I created a local user called XYZ on the server. My web application's
pool run under this user's identity.
The DB machine (SQL Server 2000)on which the DTS is present is having
the same local account with the same credentials.
In my code i am loading a DTS package by calling function
LoadFromSQLServer. I am using trusted connection as one of the parameters.
When this line of code is executed i get the following error
"System.Runtime.InteropServices.COMException: Cannot generate SSPI
context"
My App server and DB server are separeted by a firewall.

I dont get any error if my App server and DB Server are in the same
domain ( witout firewall).
Can anybody help me out??


Thanx in advance

Cannot Generate SSPI context would mean that you cannot authenticate against
a domain controller. Have you tried using SQL Server security?

Also

http://support.microsoft.com/default...&Product=sql2k

By default Your SQL Server will be listening on 1433. Is that open?

--



Allan Mitchell MCSE,MCDBA, (Microsoft SQL Server MVP)
www.SQLDTS.com - The site for all your DTS needs.
www.SQLIS.com - You thought DTS was good. here we show you the new stuff.
www.konesans.com - Consultancy from the people who know


"Sandeep" <m_sandeep78 (AT) indiatimes (DOT) com> wrote

Thanx Allan
My code to connect to SQL is working fine with windows authentication.
The only grey area is invoking DTS packages which is unmanaged for .Net.
I can run my Stored Proc with current approach.
The reason i am not going for SQL Authentication is that my credentials are
flowing as free text over the wire and anybody can sniff it.
Hope you understand my concern.

"Allan Mitchell" <allan (AT) no-spam (DOT) sqldts.com> wrote

Do you have the DTS dlls on your Web box?

I would also run through this article

http://support.microsoft.com/?id=811889

--



Allan Mitchell MCSE,MCDBA, (Microsoft SQL Server MVP)
www.SQLDTS.com - The site for all your DTS needs.
www.SQLIS.com - You thought DTS was good. here we show you the new stuff.
www.konesans.com - Consultancy from the people who know


"Sandeep" <m_sandeep78 (AT) indiatimes (DOT) com> wrote

Yes i have SQL 2000 installed on the Web Server.
I even can not register the Database Server Using Windows Auth by enterprise
manager.
It gives the same error "cannot generate the sspi context"

"Allan Mitchell" <allan (AT) no-spam (DOT) sqldts.com> wrote

This is probably the firewall. If you don't allow certain ports between
servers and DCs, and servers and servers then you cannot use Windows Auth or
even maintain a domain. I have seen this exact error recently with a new
deployment, when the firewalls where locked down too far, although its
always a good base line to start from. Talk to your security people, that's
what I did.

--
Darren Green
http://www.sqldts.com

"Sandeep" <m_sandeep78 (AT) indiatimes (DOT) com> wrote

Thanx Darren,
I am confused from one aspect...
When i try to register the SQL Server (which is inside the firewall) thru
enterprise manager of App server (Outside Firewall) with SQL Auth, it
succeeds.
However the same registration fails when i do it with Windows Auth.( I get
the same error "sspi context")
I dont think it could be a problem with the ports. I believe there is
something wrong on the DB Server which i am not able to figure out.
Thanx again.


"Darren Green" <darren.green (AT) reply-to-newsgroup-sqldts (DOT) com> wrote

This would suggest then that you _CAN_ communicate with the database server.
You cannot however communicate with the domain controller to validate your
windows account.


--



Allan Mitchell MCSE,MCDBA, (Microsoft SQL Server MVP)
www.SQLDTS.com - The site for all your DTS needs.
www.SQLIS.com - You thought DTS was good. here we show you the new stuff.
www.konesans.com - Consultancy from the people who know


"Sandeep" <m_sandeep78 (AT) indiatimes (DOT) com> wrote