RE: Impersonate on specific directory

Hi Nick,

Does the suggestion in my last reply help you some? If you have anything
unclear or need any other help, welcome to post here.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@xxxxxxxxxxxxxx

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.

==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------t
From: stcheng@xxxxxxxxxxxxxxxxxxxx (Steven Cheng [MSFT])
Organization: Microsoft
Date: Tue, 20 May 2008 03:59:45 GMT
Subject: RE: Impersonate on specific directory


Hi Nick,

From your description, you want to access some shared folder in the
ASP.NET
application, however, due to the security protection, you need to do
impersonate, and currently encounter some problems with the impersonate,
correct?

Regarding on this issue, I'd like to confirm the following things:

** Are you in a domain environment, for both the ASP.NET server machine
and
the remote share folder's machine

** How did you do the impersonate currrently. Are you impersonate the
ASP.NET client user account( through windows authentication) or use a
fixed
account in web.config to do the impersonate?

Based on my experince, if the ASP.NET application need to access another
remote machine's protected resource(such as file share), impersontating
client user(who access the ASP.NET application) will not work due to
double
hop limitation. You need to do impersonate with a clear text
username/password so as to establish a security token that can forward
across from ASP.NET server to remote share folder machine.

For the question that you want to only impersonate the context when
accessing a particular file share, I think you can consider do impersonate
programmatically. You can make impersonate call only in method where you
want to access remote share and undo it after finished.

#How To: Use Impersonation and Delegation in ASP.NET 2.0
http://msdn.microsoft.com/en-us/library/ms998351.aspx

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@xxxxxxxxxxxxxx

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#noti
f
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.



--------------------
From: "Nick" <a@xxxxx>
Subject: Impersonate on specific directory
Date: Mon, 19 May 2008 15:09:42 +0100

Hi there,

I need to enable Impersonation in order to access a network share
from
an ASP.NET application. Unfortunately when I do this it enables it for
the
entire application which causes other issues, how would I do this for a
particular folder?

Thanks in advance for your time.

Nick.






.

Relevant Pages

  • Re: MovieMaker Security Suite 2005 Case #: SRX050223602463
    ... I was impressed by the performance Microsoft ... > Review of MovieMaker Security, ... Telephonte Support replied with a non-existant answer to the ... > regarding my service, Zee Awad, my manager, would be very happy to hear ...
    (microsoft.public.windowsxp.moviemaker)
  • RE: 2000 AS SP4 RepositoryUser and OLAP Admins Group
    ... Thank you for using Microsoft Managed TechNet Newsgroup. ... Administrators group to the database role RepositoryUser for msdb. ... Open SQL Server Enterprise Manager, expand Security folder, right click Logins, click ... Microsoft Online Community Support ...
    (microsoft.public.sqlserver.olap)
  • RE: Replication Status Error fffffc07
    ... Dismount the problematic public folder store through Exchange System ... please refer to the following Microsoft ... Microsoft Online Partner Support ... >When I use Exchange System Manager to see Replication Status ...
    (microsoft.public.exchange2000.admin)
  • Re: Ajax on .NET 2.0
    ... Please try to create a new ASP.NET AJAX-Enabled Web Site. ... Microsoft Online Support ... You can send feedback directly to my manager at: ... where an initial response from the community or a Microsoft Support ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Word add-in help
    ... the registry keys related to ProgId and GUID are all ... Microsoft Online Community Support ... You can send feedback directly to my manager at: ... Thanks for using Microsoft Newsgroup Support Service, ...
    (microsoft.public.office.developer.com.add_ins)