Re: AD Login failure when using ActiveDirectoryMembershipProvider
- From: Dominick Baier <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 23 Feb 2007 16:07:44 +0000 (UTC)
and thats why you are having problems -
with a properly configured app pool you get a strong process token - with impersonation just a weak thread token.
-----
Dominick Baier (http://www.leastprivilege.com)
Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)
Let me correct my previous statement.
That IS how we configure machines at the client site, and have been
configuring them for over a year.
Perhaps it is not how we SHOULD be configuring them, but that's a
different issue.
"Dominick Baier" wrote:
No - thats not how you would configure an IIS6 -
you would configure the app pool to run as a domain account and use
no impersonation.
.
- Prev by Date: Re: Basic password security question
- Next by Date: Re: Basic password security question
- Previous by thread: Re: AD Login failure when using ActiveDirectoryMembershipProvider
- Next by thread: Re: AD Login failure when using ActiveDirectoryMembershipProvider
- Index(es):
