Hi All,
Firstly let me thank everyone for their insight and advice.
Finally the problem has been solved and in the end was quite simple. There
is no need to configure the server or COM+ application differently from the
default i.e. Active Directory accounts are not trusted for delegation (also
*not* marked as sensitive), COM+ application has default impersonation level
(impersonate), server is not trusted for delegation, global DCOM settings
are the default.
The following code snippet solved the problem (Inserted into the data access
component - gotta love this tiered architecture):
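Private Declare Function CoImpersonateClient Lib "ole32.dll" () As Long
Private Declare Function CoRevertToSelf Lib "ole32.dll" () As Long

Private Function OpenConnection(ByVal vsConnectionString As String) As ADODB.Connection
    Dim cn As New ADODB.Connection
    ' Take on the caller's identity for this thread (0 = S_OK)
    If CoImpersonateClient() <> 0 Then Err.Raise vbObjectError + 1, , "CoImpersonateClient failed"
    ' Open connection to the database using the connection string provided
    ' (including Integrated Security = SSPI setting)
    On Error GoTo Revert
    cn.Open vsConnectionString
    Set OpenConnection = cn
Revert:
    ' Always return the thread to the process identity, then re-raise any Open error
    CoRevertToSelf
    If Err.Number <> 0 Then Err.Raise Err.Number, Err.Source, Err.Description
End Function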
One thing to note is that this does *not* work when the IIS server is
configured with integrated security. I have tested it with Basic Clear
Text ... In the case of using the integrated security the application
server tries to log into the database as the NT Authority ??? (anyone care
to comment).
This solution comes from the book: Designing Secure Windows 2000
Application, Microsoft Press, (don't know the author off hand). Very good
book if anyone is interested.
Thanks to all for the help and insight.
Cheers,
Bradley
PS: The multiple topic subject line and post address should give an idea of
how many different posts I attempted and forums I posted to.
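
An added example, not part of the original post: a VB6 diagnostic for the data access component that reports which account the thread runs as before, during and after CoImpersonateClient, so it can be compared with the login the database records for the connection. The helper names CurrentThreadUser and DescribeIdentities are hypothetical; GetUserName is the advapi32.dll call that returns the user name associated with the calling thread.

```vb
' Added example (not from the original post). Helper names are hypothetical.
Private Declare Function CoImpersonateClient Lib "ole32.dll" () As Long
Private Declare Function CoRevertToSelf Lib "ole32.dll" () As Long
Private Declare Function GetUserName Lib "advapi32.dll" Alias "GetUserNameA" _
    (ByVal lpBuffer As String, nSize As Long) As Long

' Returns the account name attached to the calling thread: the impersonated
' user while impersonating, otherwise the process identity.
Private Function CurrentThreadUser() As String
    Dim sBuffer As String
    Dim lSize As Long
    lSize = 257                         ' UNLEN (256) + terminating null
    sBuffer = String$(lSize, vbNullChar)
    If GetUserName(sBuffer, lSize) = 0 Then
        CurrentThreadUser = "<GetUserName failed: " & Err.LastDllError & ">"
    Else
        CurrentThreadUser = Left$(sBuffer, lSize - 1)   ' lSize includes the null
    End If
End Function

' Reports the identity before, during and after impersonation.
Public Function DescribeIdentities() As String
    Dim sBefore As String, sDuring As String, hr As Long
    sBefore = CurrentThreadUser()
    hr = CoImpersonateClient()
    If hr <> 0 Then
        ' No impersonation took place, so there is nothing to revert
        DescribeIdentities = "process=" & sBefore & _
            "; CoImpersonateClient failed, HRESULT=&H" & Hex$(hr)
        Exit Function
    End If
    sDuring = CurrentThreadUser()
    CoRevertToSelf
    DescribeIdentities = "process=" & sBefore & "; impersonated=" & sDuring & _
        "; reverted=" & CurrentThreadUser()
End Function
```

GetUserName reports only the identity on the local thread; the login the database server records for the same call is the value to compare it against.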