This question might be a bit off topic to finalbuilder itself but it raises questions that affect a finalbuilder setup.
We have an envorionment with two domains (our own internal and our hosting network). These domains are deliberately separated (no trust between them) for security reasons.
When we make changes to our software finalbuilder builds a new version an publishes on our test server. All this is one within our internal network and we use integrated login.
We wan't to use integrated login both when deploying and between our application and database for several reasons:
- No passwords are visible in config files (yes know you can encrypt web.config but it means extra work)
- No passwords gets stuck in logs and SCM systems (yes I know i can hide output in FB logs but again, extra work and makes it harder to debug)
- Maintainability: I can change passwords regularly in AD and my systems just go along, I don't need to update several configurations.
When we deploy to production this means that our finalbuilder server (internal network) must deploy to the customer production server (in our hosting network). The buildserver requires quite high access level (sa on sql server, iis admin etc) to do it's operations.
But since there is no trust between the domains integrated login doesn't work because the hosting network doesn't recognize the user our build server runs under.
Does anybody have any suggestion of how to solve this problem or setup differently?