Re: AD Login failure when using ActiveDirectoryMembershipProvider
- From: Dominick Baier <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 23 Feb 2007 09:40:47 +0000 (UTC)
No - thats not how you would configure an IIS6 -
you would configure the app pool to run as a domain account and use no impersonation.
-----
Dominick Baier (http://www.leastprivilege.com)
Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)
I'm afraid I don't understand your comments.
You're right that the default process identity is the local machine
ASPNET account. However, as I stated, I changed the anonymous user to
a domain account and enabled impersonation, so the process credentials
are now my domain credentials.
Why is this not realistic? It's the same way I would configure the
Windows 2003 server (i.e. change the anonymous account to a domain
account and enable impersonation).
.
- Prev by Date: Re: How to start/stop windows service on a remote machine?
- Next by Date: Re: Question about cookie protection and FormsAuthentication.Encry
- Previous by thread: Re: AD Login failure when using ActiveDirectoryMembershipProvider
- Next by thread: Re: AD Login failure when using ActiveDirectoryMembershipProvider
- Index(es):
Relevant Pages
|
