Re: How do I give ASP.NET process network credentials?

From: Joseph Geretz (jgeretz@nospam.com)
Date: 10/29/02

• Next message: Dave Morgereth: "Certificate Server API"
• Previous message: Willy Denoyette [MVP]: "Re: How do I give ASP.NET process network credentials?"
• In reply to: Willy Denoyette [MVP]: "Re: How do I give ASP.NET process network credentials?"
• Next in thread: Willy Denoyette [MVP]: "Re: How do I give ASP.NET process network credentials?"
• Reply: Willy Denoyette [MVP]: "Re: How do I give ASP.NET process network credentials?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Joseph Geretz" <jgeretz@nospam.com>
Date: Tue, 29 Oct 2002 14:16:05 -0500

Hi Willy,

> A local account 'can' impersonate a domain account provided he has the
privilege to create a logon session (to get an access
> token)for that account, by default only SYSTEM can do this on W2K

Well, for some reason it's not working. I'm running the site on a Win2K
member server. Machine.config specifies username of SYSTEM in processModel,
but I'm not able to impersonate.

> One possible solution is to drop your network access code into a COM+
server application and run this code as a distinct user with
> network credentials, after all "security services" are one of the purposes
of COM+ services right?.

Well yes, but this is native .NET running on the server. If I can keep the
solution native .NET I'll have much simpler deployment and support. Given
the plethora of user/priviledge/impersonation options built into the .NET
model, it seems to me that I should be able to do this natively with .NET.
But how?

Thanks,

- Joe Geretz -

• Next message: Dave Morgereth: "Certificate Server API"
• Previous message: Willy Denoyette [MVP]: "Re: How do I give ASP.NET process network credentials?"
• In reply to: Willy Denoyette [MVP]: "Re: How do I give ASP.NET process network credentials?"
• Next in thread: Willy Denoyette [MVP]: "Re: How do I give ASP.NET process network credentials?"
• Reply: Willy Denoyette [MVP]: "Re: How do I give ASP.NET process network credentials?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Kerberos protocol transition is not working over DCOM ... can see the COM+ component's constructor being called on the server side. ... I haven't yet tried with a normal account. ... The account calling LsaLogonUser is service1 and it has the above six ... user1 is the account I'm trying to impersonate. ... (microsoft.public.platformsdk.security) Re: security on the web.config file ... the reason I use the impersonate is the web site will allow ... different network shares on multiple servers so the impersonated account has ... the .config file can only we accessed from the server ... (microsoft.public.dotnet.framework.aspnet) Re: Global.asax not allowing identity impersonation? ... When you set Identity Impersonate=true, ... request processing. ... Not allowed to use the ASPNET machine account in SQL Server (very ... (microsoft.public.dotnet.framework.aspnet) Re: Sql Reporting Serviced - > ASP.NET ACCESS DENIED! ... The account you are logging in to when on the server doesn't have the ... do you have <Impersonate> set to True? ... > Exception Details: System.UnauthorizedAccessException: Access to the path ... (microsoft.public.dotnet.framework.aspnet.security) Re: Win2000 Impersonation weirdness? (or is it a conundrum?) ... Is the server joined to a domain? ... priveleges to impersonate in a domain. ... The privilege need not be ... > default as an unprivileged account ... (microsoft.public.security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint