IIS and SQL server securities

Dear all experts,
We have an ASP application previously deployed on machine A, where the web
server (W2K-IIS) and database server (SQLServer 7.0) are installed. When we
try to move the database server to machine B, the ASP application threw an
exception when it tries to connect to the remote database:
Login failed for user 'XXX'. Reason: Not associated with a trusted SQL
server connection.
Both machine A and B do not belong to any domain (but are of the same
workgroup, same subnet.) We googled for it and found some websites suggest
that the SQL Server should be configured to use Windows _AND_ SQL
authentication. However this has no effect since it is already the default
of SQL Server 7.0. Some websites also suggest to use several combinations of
system user account and SQL server user accounts but it didn't solve the
problem either.
Finally, we seem to have found a workable solution. We changed the anonymous
user proxy account (previously IUSR_XXX) in IIS to a sytem user who is in
the local Administrators group and the ASP application works! I know that's
likely not the right way to solve the problem as it would make everyone to
use the Administrators role to execute the ASP application.
So my question is, how should we configure the servers so that the IIS (with
IUSR_XXX role) can talk with the remote SQL Server (with pure
username/password authentication)? How can we completely disable Windows
authentication and access controls?
Thank you very much,
KennethThis article has your solution.
253500 PRB: "Client Unable to Establish Connection" Error Message When
http://support.microsoft.com/?id=253500
Thanks,
Kevin McDonnell
Microsoft Corporation
This posting is provided AS IS with no warranties, and confers no rights.