Re: Troubleshoot Security Issues

From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: 03/26/04

  • Next message: [MSFT]: "RE: C#: How do I orce a server to refresh its list of security groups from an Active Directory."
    Date: Fri, 26 Mar 2004 13:44:34 +1100
    
    

    a) You can put a trace on the network -or- you can dump out all the values
    in the Request.ServerVariables() collection. If you see something like
    Auth_Type: Negotiate, then Kerberos was used. If you see something like
    Auth_Type: NTLM then NTLM was used.

    b) Is ASP.Net impersonating correctly? If you have <identity
    impersonate="true"> and set authentication to Windows then it should
    impersonate.

    c) Is delegation working correctly? I don't know. Why don't you tell us what
    you've done, and what's happening?

    Cheers
    Ken

    "Raterus" <raterus@localhost> wrote in message
    news:e$f2whqEEHA.3576@tk2msftngp13.phx.gbl...
    : What is the easiest way to troubleshoot security issues?
    :
    : I'm trying to set up a delegation secnario, which I wrote an question
    about
    : yesterday. Something isn't working in it, but I feel kind of helpless to
    : even know if what I think I set up is actually what is happening in the
    : background. For instance, i'm trying to get my asp.net application to
    : delegate to another computer to be able to access files on a network
    share.
    : How do I really know my browser is authenticating with Kerberos?, Is
    asp.net
    : impersonating correctly, when it accesses this network share, is
    delegation
    : working correctly?. Lots of issues like this, what is the best way to
    look
    : at this information?
    :
    :


  • Next message: [MSFT]: "RE: C#: How do I orce a server to refresh its list of security groups from an Active Directory."