Re: Access is denied when calling DirectoryEntry
From: Ed leNoir (edleno@safeco.com)
Date: 11/01/02
- Next message: Josh Larkin: "worker threads in asp.net"
- Previous message: Ed leNoir: "Re: How to get UserName / NetBios machine name using FORMS authentication"
- In reply to: Michael: "Access is denied when calling DirectoryEntry"
- Next in thread: Willy Denoyette [MVP]: "Re: Access is denied when calling DirectoryEntry"
- Reply: Willy Denoyette [MVP]: "Re: Access is denied when calling DirectoryEntry"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Ed leNoir" <edleno@safeco.com> Date: Thu, 31 Oct 2002 19:32:55 -0800
Grant the privalege "Act as part of the operating system" (also known as
SE_TCB_PRIVELAGE) to ASPNET so it can do the logon. You have to use the
local security policy editor. That seems preferable to using System. The
requirement to have this privelage is dropped in Windows XP. There's a
knowledge base article out there:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q306158
- Ed
"Michael" <mastrauckas@appdevgrp.com> wrote in message
news:b11d01c27f57$e17dde40$39ef2ecf@TKMSFTNGXA08...
> Hello everyone. I have a problem i'm hoping someone can
> help me with I'll copy and paste my code
>
> DirectoryEntry objDirPar = null;
> int iLength = 0;
> objDirPar = new DirectoryEntry
> ("IIS://localhost/W3SVC/1/Root/QFDemo", "Administrator", "p
> ass");
> StringBuilder sbDefaultPage = new
> StringBuilder(objDirPar.Properties
> ["DefaultDoc"].Value.ToString());
>
> Now when I run this I get "Access is denied" when I call
> objDirPar.Properties even though i'm using the
> Adminstrator acccount in the constructor??? So I put this
> into my web.config
>
> <identity impersonate="true" userName="Adminstrator"
> password="pass"/> and I get the error:
>
> Parser Error Message: Could not create Windows user token
> from the credentials specified in the config file. Error
> from the operating system 'A required privilege is not
> held by the client. '
>
> The only way i can fix this problem is by changing the
> machine.config xml. If I change processModel tag and
> changing userName from machine to system everything works
> just fine. Now this is a big security hole if I do
> this!!! So is there any other way I can do this without
> putting this security hole in my web application?
>
> Also, on another note, can you share a Application
> variable in ASP 3.0 with a Application variable in ASP.NET
> if they're part of the same web application?
>
> Michael
>
>
>
>
>
- Next message: Josh Larkin: "worker threads in asp.net"
- Previous message: Ed leNoir: "Re: How to get UserName / NetBios machine name using FORMS authentication"
- In reply to: Michael: "Access is denied when calling DirectoryEntry"
- Next in thread: Willy Denoyette [MVP]: "Re: Access is denied when calling DirectoryEntry"
- Reply: Willy Denoyette [MVP]: "Re: Access is denied when calling DirectoryEntry"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
