Re: start process as impersonated account for NETSH DHCP?
From: Joe Kaplan \(MVP - ADSI\) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 11/23/04
- Next message: Evgeny Zoldin: "Re: How to change user account properties by ASP.NET?"
- Previous message: Joe Kaplan \(MVP - ADSI\): "Re: How to change user account properties by ASP.NET?"
- In reply to: Monroe: "start process as impersonated account for NETSH DHCP?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 23 Nov 2004 15:54:03 -0600
Processes created by the Process class will be started with current process
token's account, not the impersonated account. The thing I don't understand
is why your ASP.NET worker process is still running as ASPNET as that change
should have allowed you to accomplish your goal. Is it possible that there
are multiple versions of the framework installed and you changed the wrong
config file? Is this IIS 6, 5.1 or 5? 6 doesn't use the processModel
section but is configured via the MMC in the AppPool settings.
Another good option I've seen for starting a process as a specific user is
to use WMI to accomplish this, but I haven't been able to find the code
sample that was posted here that shows how.
HTH,
Joe K.
"Monroe" <monroe.golden@bellsouth.com> wrote in message
news:722dd0b8.0411231227.48fba9ae@posting.google.com...
> Am trying to automatically query and update DHCP servers via a web
> application with VB.NET. Testing with a privileged account, defined
> thus in web.config:
>
> <identity impersonate="true" userName="<domain>\<user>"
> password="<password>" />
>
> Have also modified machine.config thusly, and restarted IIS (but
> haven't rebooted):
>
> <processModel enable="true" ... userName="<domain>\<user>"
> password="<password>" />
>
> I can run NETSH commands interactively when logged in. Also, in code
> below, I confirm that I am impersonating the user rather than running
> as ASPNET. It still seems that the process is running with limited
> rights of ASPNET; output reads: "Unable to determine the DHCP Server
> version for the Server <ip>.Server may not function properly."
>
> Dim proc As New System.Diagnostics.Process()
> proc.StartInfo.FileName = "netsh"
> proc.StartInfo.Arguments = "dhcp server <ip> show scope"
> proc.StartInfo.WindowStyle =
> System.Diagnostics.ProcessWindowStyle.Hidden
> proc.StartInfo.UseShellExecute = False
> proc.StartInfo.RedirectStandardOutput = True
> proc.Start()
> TextBox1.Text = proc.StandardOutput.ReadToEnd.ToString & " " &
> System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString
> proc.Close()
> proc.Dispose()
>
> How can I ensure/confirm that the System.Diagnostic.Process is running
> as the impersonated account, and not the parent? Assistance greatly
> appreciated!
- Next message: Evgeny Zoldin: "Re: How to change user account properties by ASP.NET?"
- Previous message: Joe Kaplan \(MVP - ADSI\): "Re: How to change user account properties by ASP.NET?"
- In reply to: Monroe: "start process as impersonated account for NETSH DHCP?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
