OK, Georg. I've successfully connected to a local database via a trusted connection that is similar to yours. Thank you, sir. I have also been able to connect to a remote database using a trusted connection that is a windows domain account in what the SDK calls "user mode".
Like this in the .config file <securityContext type="log4net.Util.WindowsSecurityContext"> <UserName value="MyUserName" /> <Password value="MyPassword" /> <DomainName value="MyDomain" /> </securityContext> Or like this in code: WindowsSecurityContext securityContext = new log4net.Util.WindowsSecurityContext(); securityContext.DomainName = " MyDomain"; securityContext.UserName = " MyUserName"; securityContext.Password = " MyPassword"; securityContext.ActivateOptions(); adoAppender.SecurityContext = securityContext; Now, I understand that code in Application_Start() runs under the security context of ASPNET, not a user, even an anonymous one. And I understand that we do our lo4net setup work in this method because we don't want to do the config work for every page for every user. I'm just a back-end DBA / database access developer and don't know much about the ASP.NET request/response cycle and security contexts therein. But it seems like my choices are (A) putting passwords in code (B) Giving ASPNET access to all databases at an installation that want to use log4net instead of reducing risk by having a separate account for each database, or (C) doing my log4net config work over and over in Application_BeginRequest() or some spot where I have enough security context to use the "process" mode of log4net.Util.WindowsSecurityContext, therefore hurting performance. Can anyone advise me on this? How secure is putting a password in .NET code? I thought it was a no-no. Or is there a way to use security from the anonymous account without doing a lot of unnecessary work? Whatever, I'm grateful for the help I've gotten so far. Thanks again. -BillyB WILLIAM BARNUM [EMAIL PROTECTED]
