Re: Difference between ASPNET account and IIS Anon Access account

From: Justin Narracott (justin@traindotnet.com)
Date: 03/02/03

Next message: Bob: "Re: Unable to use Kerberos Delegation from IE6 --> IIS 5.0 (asp.net)--> SQL 2000"
Previous message: Ramiro Calderon Romero: "Re: SQL - Login falied, user null error w SSPI"
In reply to: ShikariShambu: "Difference between ASPNET account and IIS Anon Access account"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Justin Narracott" <justin@traindotnet.com>
Date: Sun, 2 Mar 2003 23:22:00 +0100

"ShikariShambu" <shikarishambu70@hotmail.com> wrote in message
news:unb0iQP4CHA.1900@TK2MSFTNGP10.phx.gbl...
> Hi,
> I would like to understand the roles of machinename\ASPNET account
and the
> IIS Anon Access Account.
>
> Does a ASP.NET website run under machinename\ASPNET account or does it
use
> the IIS Anon Access account (if the IIS is configured for anonymous
access)?
>
> TIA
>

If using IIS Anonymous Authentication, the MACHINE\IUSR_MACHINE account
will be used unless you set the <identity impersonate = "true"/> in your
WEB.CONFIG file. This is the case for Windows or Forms Authentication.

I would reccomend you test this by using the
WindowsIdentity.GetCurrent() method

If however you set the <identity impersonate = "false"/> Then the
MACHINE\ASPNET account will be used.

I would strongly recommend you test this by using the
WindowsIdentity.GetCurrent() method

Bare in mind that the IPrincipal object will return the name provided by
the logged in user if you use forms authentication, again don't take my
word for it, try it out testing the HttpContext.Current.User. With
Windows Authentication this will be NULL in Anonymous Authentication.

HTH
Justin
>

Next message: Bob: "Re: Unable to use Kerberos Delegation from IE6 --> IIS 5.0 (asp.net)--> SQL 2000"
Previous message: Ramiro Calderon Romero: "Re: SQL - Login falied, user null error w SSPI"
In reply to: ShikariShambu: "Difference between ASPNET account and IIS Anon Access account"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Basic Authentication fails with Error 401.2 where Integrated s
... Just as a check I used NET USER /ADD on my test account and as expected ... The password dialog is supposed to appear for Basic authentication ... Thinking more esoterically now -- what are the login rights assigned ... IIS uses a specific login type, ...
(microsoft.public.inetserver.iis.security)
Re: Basic Authentication + IIS 5 + Windows 2000 + Frontpage 2002 = failure?
... Everytime I attempt to login under Basic Authentication, ... IUSR_blah account. ... the anonymous user impersonated by the IIS Server is the ... > Event Viewer Security log. ...
(microsoft.public.inetserver.iis.security)
Re: Basic Authentication fails with Error 401.2 where Integrated s
... here are the results of the MS Authentication & Access ... ACCOUNTNAME, this is the account that I am trying to grant access to: ... Account: COMPUTERNAME\ACCOUNTNAME Access type: FULL ... The current configuration requires IIS subauthentication. ...
(microsoft.public.inetserver.iis.security)
Re: Basic Authentication + IIS 5 + Windows 2000 + Frontpage 2002 = failure?
... authentication selected, anonymous & windows integrated *not* selected) ... browsing to this VDIR as the local administrator account via Basic-only ... the anonymous user impersonated by the IIS Server is the ...
(microsoft.public.inetserver.iis.security)
Re: Basic Authentication + IIS 5 + Windows 2000 + Frontpage 2002 = failure?
... have both anonymous and basic authentication checked, ... > browsing to this VDIR as the local administrator account via Basic-only ... > This posting is provided "AS IS" with no warranties, and confers no rights. ... I turned on Failure auditing for all ...
(microsoft.public.inetserver.iis.security)