Back in 08 I on how to configure Sitecore to use Windows Authentication for SQL connection and effectively remove the username and password from the connectionStrings.config file.

Here is a quick repost of the walkthrough with a few tweaks for SQL 2008 / Windows 2008 (R2) and *Sitecore 6.4.x/6.5 *(some steps are not required any more):

  1. Find the application pool that your Sitecore is running under. Open Properties and set the identity to the domain user on the corresponding tab.

  2. On the SQL Server box register the domain user and grant security permissions on Sitecore databases for the domain user according to the section “4.4.1 Creating a Database Account for Sitecore CMS Databases on SQL Server 2008” of the .
    Installation Guide

  3. On the machine that hosts Sitecore add this domain user to the IIS_IUSRS group.

  4. Adjust the permissions for the IIS_IUSRS group according to these sections of the “:

4.2.2 File System Permissions for ASP.NET Requests”

“4.2.3 File System Permissions for System Folders”.Installation Guide 5. Edit the /AppConfig/ConnectionStrings.config file and replace the _user id _and _password parameters with the trustedconnection=yes_ option:

<?xml version="1.0" encoding="utf-8"?>
<connectionStrings>
<add name="core" connectionString="Data Source=.\sql2008;Database=Sandbox6Core;TrustedConnection=Yes" />
<add name="master" connectionString="Data Source=.\sql2008;Database=Sandbox6Master;TrustedConnection=Yes" />
<add name="web" connectionString="Data Source=.\sql2008;Database=Sandbox6Web;TrustedConnection=Yes" />
</connectionStrings>

6. Prepare your identity so it can be used as a service account with “aspnet_regiis.exe” and the .
-ga switch 7. Add your domain service account to the local “Performance Monitor Users” group as per this section: “4.2.5 Windows Registry Permissions”Important note:

This walkthrough describes _basic _Sitecore configuration with no modules or OMS/DMS installed. Additional security permissions are required for the modules and other components that carry their own databases.