When Windows Authentication is used to connect to SQL Server, Microsoft Windows is completely responsible for authenticating the client. In this case, the client is identified by its Windows user account. With SQL Server Compact Edition replication or remote data access (RDA), the SQL Server Compact Edition Server Agent acts as the database client, running under the identity of a Windows user account:

• When IIS is configured to use Anonymous access, the SQL Server Compact Edition Server Agent runs under the identity of the Internet Guest Account. By default, this is IUSR_computername. If you configure another Windows user account as the IIS anonymous user account, the SQL Server Compact Edition Server Agent runs under the identity of that account.
  
  
• When IIS is configured to use Basic authentication, the SQL Server Compact Edition Server Agent runs under the identity of the Windows user account for which the client supplied the Internet user name and password.
  
  
• When IIS is configured to use Integrated Windows Authentication, the SQL Server Compact Edition Server Agent runs under the identity of the client.
  
  

When SQL Server Authentication is used, SQL Server authenticates the client by comparing the client-supplied user name and password to the list of valid user names and passwords maintained within SQL Server. In this case, the application must supply the appropriate SQL Server logon and password when connecting to SQL Server using replication or remote data access. The SQL Server Compact Edition Client Agent conveys the logon and password to the SQL Server Compact Edition Server Agent. The SQL Server Compact Edition Server Agent invokes SQL Server by using the logon and password specified by the client.