Application pool identity in IIS and Integrated security to SQL Server

Question

If I have an ASP.NET web app using impersonation and a SQL Server connectionstring with Integrated Security = true, does the identity of the IIS application pool of the app

Answer 1

If the SQL Server is on a different box than IIS then the identity of the IIS application pool has to be trusted for constrained delegation. See How To: Use Protocol Transition and Constrained Delegation in ASP.NET 2.0. If the IIS app is running as NETWORK SERVICE or SYSTEM then the IIS machine account has to be trusted for constrained delegation. The linked resource has all the steps to set this up.

If the SQL Server is on the same machine as IIS then there isn't any requirement afaik.