Re: How to run as in a deamon
- From: David Thielen <thielen@xxxxxxxxxxxxx>
- Date: Thu, 24 Aug 2006 08:59:02 -0700
Thank you Joe/Steven/Mike. Boy security is a pain!!!
--
thanks - dave
david_at_windward_dot_net
http://www.windwardreports.com
Cubicle Wars - http://www.windwardreports.com/film.htm
"Joe Kaplan" wrote:
What would be the conceptual difference between running the scheduled task.
as the user your need vs. storing their credentials so you could create a
token for them and impersonate them? Basically, that just means it is your
problem to store the credentials vs. the operating system's.
If the process ran as SYSTEM, the server was 2K3 and the AD domain was 2K3
native, you could create an impersonation token for a user based solely on
their user principal name via S4U/protocol transition. I'm not sure if that
really helps you though.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"David Thielen" <thielen@xxxxxxxxxxxxx> wrote in message
news:9BDFE2D9-B9C7-45EC-91B7-E4C6A1CE7002@xxxxxxxxxxxxxxxx
The problem is that this runs on the server (ASP.NET) and most user's
don't
have (and shouldn't have) login rights on the server.
--
thanks - dave
david_at_windward_dot_net
http://www.windwardreports.com
Cubicle Wars - http://www.windwardreports.com/film.htm
"Joe Kaplan" wrote:
Have them set up the scheduled task to run as the required user. That's
the
most straightforward way to solve this.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
"David Thielen" <thielen@xxxxxxxxxxxxx> wrote in message
news:525C4CDD-F65C-4C82-8F63-EE93FDE4D091@xxxxxxxxxxxxxxxx
Hi;
We have this web app that handles security great. For everything we do
we
run as the client so we do not have to store any credentials ourselves
and
it
handles Sql Server access, reading files from the server, everything.
But... we have a deamon program where users can schedule these same
actions.
The problem is, when these deamon programs run, we don't have the
client
user
attached and therefore cannot get their credentials.
Do we need to get their uname/pw and store it to be able to runAs
them -
like services in Windows when running under a user? I hate to store
that
info
because that is the keys to the kingdom.
--
thanks - dave
david_at_windward_dot_net
http://www.windwardreports.com
Cubicle Wars - http://www.windwardreports.com/film.htm
- Follow-Ups:
- Re: How to run as in a deamon
- From: Dominick Baier
- Re: How to run as in a deamon
- References:
- Re: How to run as in a deamon
- From: Joe Kaplan
- Re: How to run as in a deamon
- From: Joe Kaplan
- Re: How to run as in a deamon
- Prev by Date: Re: How to run as in a deamon
- Next by Date: AzMan Still the way to go?
- Previous by thread: Re: How to run as in a deamon
- Next by thread: Re: How to run as in a deamon
- Index(es):
Relevant Pages
|
|
