Re: AD Login failure when using ActiveDirectoryMembershipProvider

From: "Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 22 Feb 2007 19:05:21 -0600

The AD membership provider disables impersonation when it does its DS
access, so that might explain the problem. If you are using XP and want
default credentials, you need to change the credentials in your processModel
in machine.config to a domain account for testing purposes.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Craig Wagner" <MSDNNospam207@xxxxxxxxxxxxx> wrote in message
news:995F2D5A-5CCE-48E7-9A24-C564DD8F1D2C@xxxxxxxxxxxxxxxx

I'm afraid I don't understand your comments.

You're right that the default process identity is the local machine ASPNET
account. However, as I stated, I changed the anonymous user to a domain
account and enabled impersonation, so the process credentials are now my
domain credentials.

Why is this not realistic? It's the same way I would configure the Windows
2003 server (i.e. change the anonymous account to a domain account and
enable
impersonation).

References:
- Re: AD Login failure when using ActiveDirectoryMembershipProvider
  - From: Dominick Baier

Prev by Date: Re: WindowsTokenRoleProvider & Domain Groups
Next by Date: Re: WindowsTokenRoleProvider & Domain Groups
Previous by thread: Re: AD Login failure when using ActiveDirectoryMembershipProvider
Next by thread: Re: AD Login failure when using ActiveDirectoryMembershipProvider
Index(es):
- Date
- Thread

Relevant Pages

Re: confused about credentials in impersonation
... As in a traditional ASP.Net application the logged in user making the ... If impersonation is not turned on then the user credentials that will be ... > account or server's accounts or server's administration account or domain ...
(microsoft.public.sharepoint.portalserver.development)
Re: ASP.NET and integrated Authentication
... credentials when using impersonation unless you enable kerberos ... The credentials make one hop from the browser to a remote ... application uinder a domain account instead of the local ASPNET ...
(microsoft.public.dotnet.framework.aspnet)
Re: Windows authentication for web service client??
... I have a web service that make a webDav request to Exchange. ... I have impersonation on but when I use the defaultCredentials in the web ... credentials have rights to make this request and I'm at my wits end trying ... >>> The ASPNET account is a local account, so the other machine or domain ...
(microsoft.public.dotnet.framework.aspnet.webservices)
Re: Win32 security limitations: why?
... Impersonation allows a process to run with the credentials ... > the Iwam account, for support of the anonymous users. ... > this allows the anonymous user to have a process with a higher security ...
(microsoft.public.security)
Re: AD Login failure when using ActiveDirectoryMembershipProvider
... you would configure the app pool to run as a domain account and use no impersonation. ... a domain account and enabled impersonation, so the process credentials ...
(microsoft.public.dotnet.framework.aspnet.security)