Re: Problem with PrincipalPermission Attribute (cannot resolve IsInRole)

From: Joe Kaplan \(MVP - ADSI\) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 06/08/05


Date: Tue, 7 Jun 2005 21:59:18 -0400

Just out of curiosity, does it start working if you enable impersonation in
web.config?

Joe K.

"Peter Zuber" <pzuber@maninvestments.com> wrote in message
news:%23R5Qyn3aFHA.3032@TK2MSFTNGP10.phx.gbl...
> Hi, I have the following problem...
>
> Pre-requisites:
> Installation of an Asp.net webservice on a IIS5 server (win2k). Anonymous
> access is not allowed, only using windows authentication (intranet app),
> webmethods are using the Principalpermssion attribute
> ([PrincipalPermission(SecurityAction.Demand,
> Role=@"DomainName\WindowsGroup...")]) for identification.
>
> Result --> It works fine on my PC but not on the server
>
> When I change the to [PrincipalPermission(SecurityAction.Demand,
> name=@"DomainName\Windowsuser...")]) -> it runs fine
>
> --> conclusion: IIS cannot determine if a user belongs to an AD group -->
> IPrincipal.IsInRole(@"DomainName\WindowsGroup") is always FALSE!
>
> I already found an article on the web
> (http://www.kbalertz.com/kb_894432.aspx --> web dir is UNC share), but
> didn't solved the problem...
>
> Does anyone know more about this issue?
>
>