Re: Security issues with Win2003 and ASPNet app

From: RichardF (noone_at_nowhere.com)
Date: 04/28/05

    Date: Thu, 28 Apr 2005 11:11:40 -0500
    
    

    Thanks for the help, I will give that a go. (Assuming I can figure
    out how to add an App Pool!)

    Once I do this, how do I then configure permissions on the SQL server
    and Image server machines?

    RichardF

    On Thu, 28 Apr 2005 08:26:20 -0700, Dominick Baier [DevelopMentor]
    <dbaier@pleasepleasenospamdevelop.com> wrote:

    >Hello RichardF,
    >
    >you can configure the identity of your web service using the Application
    >Pool feature of IIS6.
    >
    >Add a new AppPool - give it an identity (local or domain) - and add the web
    >service application to the AppPool (WebApp properties)
    >
    >Add the account to IIS_WPG and give it access to \windows\microsoft.net\framework\v\temporary
    >asp.net files\ and \windows\temp
    >
    >HTH
    >
    >---------------------------------------
    >Dominick Baier - DevelopMentor
    >http://www.leastprivilege.com
    >
    >> I have an ASP.NET Web Service and Web Site. It accesses a SQL
    >> database for its data and retrieves images from another server.
    >>
    >> There are 4 servers all running Win 2003 as follows...
    >>
    >> 1 - Domain Controller
    >> 2 - SQL Server
    >> 3 - IIS Server (runs Web Service and Web Site)
    >> 4 - File Server (stores all the image files)
    >> I am having lots of issues with permissions because my Web Service is
    >> running as a user under a LOCAL group IIS_WPG on the IIS Server and I
    >> don't know how to give it the necessary permissions to access the SQL
    >> Server and the Images on different machines.
    >>
    >> I think what I need to do is create a Domain Account, give it the
    >> appropriate permissions and then somehow get my Web Service to run
    >> using that user account. I did try this using 'impersonate' but then
    >> it appeared I didn't have permission to run ASP.NET stuff!
    >>
    >> Can anyone give me tips on how to accomplish this, or point me to a
    >> resource that explains how I can accomplish this.
    >>
    >> Thanks for any help
    >>
    >> RichardF
    >>
    >
    >
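
The steps from the reply above, scripted for an IIS 6 server as an added example (not part of the original thread). The account, pool name, application path and framework version are hypothetical placeholders, and the Change-level ACL is an assumption about what "give it access" requires.

```bat
@echo off
setlocal
rem Added example. Every value in this block is a hypothetical placeholder.
set ACCOUNT=CONTOSO\svcWebService
set POOL=WebServicePool
set APP=W3SVC/1/ROOT/MyWebService
rem Set FXVER to the framework version folder actually installed on the server.
set FXVER=vX.Y.ZZZZ
set ADSUTIL=%SystemDrive%\Inetpub\AdminScripts\adsutil.vbs

rem 1. Create the new application pool in the IIS 6 metabase.
cscript //nologo "%ADSUTIL%" CREATE W3SVC/AppPools/%POOL% IIsApplicationPool

rem 2. Run the pool as a specific account (AppPoolIdentityType 3 = configurable).
rem    The password is prompted for so it is not stored in this script;
rem    note that "set /p" echoes the input to the console.
set /p POOLPWD=Password for %ACCOUNT%: 
cscript //nologo "%ADSUTIL%" SET W3SVC/AppPools/%POOL%/AppPoolIdentityType 3
cscript //nologo "%ADSUTIL%" SET W3SVC/AppPools/%POOL%/WAMUserName "%ACCOUNT%"
cscript //nologo "%ADSUTIL%" SET W3SVC/AppPools/%POOL%/WAMUserPass "%POOLPWD%"
set POOLPWD=

rem 3. Move the web service application into the new pool.
cscript //nologo "%ADSUTIL%" SET %APP%/AppPoolId "%POOL%"

rem 4. Add the account to the local IIS worker process group.
net localgroup IIS_WPG %ACCOUNT% /add

rem 5. Grant the account access to the two temp locations named in the reply.
rem    /E edits the existing ACL instead of replacing it; C = Change.
cacls "%windir%\Microsoft.NET\Framework\%FXVER%\Temporary ASP.NET Files" /T /E /G %ACCOUNT%:C
cacls "%windir%\Temp" /E /G %ACCOUNT%:C

rem 6. Review the result before recycling the pool.
net localgroup IIS_WPG
cacls "%windir%\Temp"
endlocal
```

Keep the account out of any administrative group: it only needs IIS_WPG membership and the two ACL entries here, plus whatever is granted to it explicitly on the other servers.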

