We implemented impersonation\delegation to pass windows credential to all AF SDK calls. The 1st phase implementation where SQL server resides on the same box as AF server, things were working. We switched to have SQL server sitting on a separate box (VM) and changing the AF Service connection string to point to the new SQL server instance, then the Impersonate\delegation stops working. However, based on the AF detail loggings to Event Viewer, we are able to see proper USER id is being passed to AF SDK call. See below detail log copied from event viewer.
Does anyone know why?
Stop working = none of the AF DB is being returned when accessing AFDatabases.
Here is my 1st phase implementation, how I got it working..
Service authorization succeeded.
ClientIdentity: DEVCLD\clim; S-1-5-21-871181246-4234381062-482176449-1110