Re: How do I give ASP.NET process network credentials?
From: Jimco Add-ins (jimco@nospam.jimcoaddins.com)
Date: 10/30/02
- Next message: Mattias Helmer: "CRL checking question...again"
- Previous message: Kipp Hawley: "Re: RSA/RC2 key exchange"
- In reply to: Joseph Geretz: "Re: How do I give ASP.NET process network credentials?"
- Next in thread: uvali: "Re: How do I give ASP.NET process network credentials?"
- Reply: uvali: "Re: How do I give ASP.NET process network credentials?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Jimco Add-ins" <jimco@nospam.jimcoaddins.com> Date: Tue, 29 Oct 2002 21:12:16 -0600
My point is that if impersonation is set to false, ASP.NET will never run
under the context of the user specified in the <identity> tag. If it's not
working, something else is wrong, but if you set impersonation to false and
you fix the REAL problem, it still won't work so you won't know you fixed
it! :)
-- Jimco Add-ins ------------------------------------------------------------------- http://www.jimcoaddins.com FREE Add-ins and Utilities for FrontPage ------------------------------------------------------------------- Secure pages with ASP! Read our most recent edition of Insights ------------------------------------------------------------------- "Joseph Geretz" <jgeretz@nospam.com> wrote in message news:enPiUQ7fCHA.392@tkmsftngp09... > Hi Jimco, > > I don't know if you have access to the entire thread, but basically I had > this enabled (="true"). It didn't work. A user wrote in saying that in order > to get this to work I need to disable impersonation. His line of reasoning > was that enabling impersonation meant the root process was running under my > interactive credentials, rather than SYSTEM and therefore I couldn't create > the login. (I didn't see why not, my interactive credentials are domain > Admin, but what the heck, I'll try anything). So I tried it. It didn't work. > So the bottom line is impersonation enabled or disabled it doesn't work. > > - Joe Geretz - > > "Jimco Add-ins" <jimco@nospam.jimcoaddins.com> wrote in message > news:#gmCZT6fCHA.392@tkmsftngp09... > > If you want that username and password to be used, impersonation MUST be > > enabled. You have disabled it. > > > > -- > > > > Jimco Add-ins > > ------------------------------------------------------------------- > > http://www.jimcoaddins.com > > FREE Add-ins and Utilities for FrontPage > > ------------------------------------------------------------------- > > Secure pages with ASP! > > Read our most recent edition of Insights > > ------------------------------------------------------------------- > > > > > > > > "Joseph Geretz" <jgeretz@nospam.com> wrote in message > > news:eHzSKN5fCHA.2556@tkmsftngp08... > > > Hi Willy, > > > > > > > 1. Running as SYSTEM should be no problem when impersonating but you > > need > > > to create a logon session by calling Win32 LogonUser. What > > > > exactly did you encounter as a problem? > > > > > > I'm not explicitly creating a logon session, but I'd like to get the > > ASP.NET > > > code running under a specific domain account, by adjusting the various > > > settings in Machine.config and in Web.config, specifically the > > processModel > > > settings and the identity settings. Here are my settings and here is the > > > error presented below, beneath my signature: > > > > > > > 2. .NET classes can be used as COM+ server application > > > > (see EnterpriseServices). > > > > > > Yes, I know this and I routinely engineer claases for COM+, however > since > > > this would be the only usage of COM+ for the entire system, I'd rather > > find > > > a solution that doesn't require COM+. I don't belive that I should need > to > > > use COM+ to do this. > > > > > > Thanks, > > > > > > - Joe Geretz - > > > > > > Machine.config: > > > <processModel enable="true" > > > timeout="Infinite" > > > idleTimeout="Infinite" > > > shutdownTimeout="0:00:05" > > > requestLimit="Infinite" > > > requestQueueLimit="5000" > > > restartQueueLimit="10" > > > memoryLimit="60" > > > webGarden="false" > > > cpuMask="0xffffffff" > > > userName="SYSTEM" > > > password="AutoGenerate" > > > logLevel="Errors" > > > clientConnectedCheck="0:00:05" > > > comAuthenticationLevel="Connect" > > > comImpersonationLevel="Impersonate" > > > responseRestartDeadlockInterval="00:09:00" > > > responseDeadlockInterval="00:03:00" > > > maxWorkerThreads="25" > > > maxIoThreads="25" > > > /> > > > > > > Web.config: > > > <identity impersonate="false" userName="INTERNAL\Administrator" > > > password="bigcheese"/> > > > > > > > > > Server Error in '/PDPortal' Application. > > > > > > > -------------------------------------------------------------------------- > > -- > > > ---- > > > > > > Configuration Error > > > Description: An error occurred during the processing of a configuration > > file > > > required to service this request. Please review the specific error > details > > > below and modify your configuration file appropriately. > > > > > > Parser Error Message: Could not create Windows user token from the > > > credentials specified in the config file. Error from the operating > system > > 'A > > > required privilege is not held by the client. ' > > > > > > Source Error: > > > > > > > > > Line 51: password="password of above specified account" | > > empty > > > string > > > Line 52: --> > > > Line 53: <identity impersonate="false" > > > userName="INTERNAL\Administrator" password="bigcheese"/> > > > Line 54: > > > Line 55: <!-- APPLICATION-LEVEL TRACE LOGGING > > > > > > > > > > > > > > > > > >
- Next message: Mattias Helmer: "CRL checking question...again"
- Previous message: Kipp Hawley: "Re: RSA/RC2 key exchange"
- In reply to: Joseph Geretz: "Re: How do I give ASP.NET process network credentials?"
- Next in thread: uvali: "Re: How do I give ASP.NET process network credentials?"
- Reply: uvali: "Re: How do I give ASP.NET process network credentials?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
