Re: AzMan connection problems

---

• From: "Joe Kaplan \(MVP - ADSI\)" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Thu, 13 Jul 2006 20:38:11 -0500

---

I'm not an AzMan expert at all, but this sounds like an
impersonation/delegation issue as the symptoms are classic double hop
authentication. Is impersonation enabled? What security context is being
used to access the AzMan store? If you are trying to use the authenticated
user's security context to do so, you may need to configure Kerberos
delegation.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"DNo" <DNo@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:3D67B1F0-FDB1-409B-8655-1B22F843587B@xxxxxxxxxxxxxxxx

Not yet. I have raised a support request with Microsoft which they are
currently working on.
Dean.


"Andrew" wrote:

I've got the same issue. Were either of you able to resolve?

"DNo" wrote:

I'm having the same problem in a similar environment. In my case the
ASP.Net
2.0 application can successfully call AzMan to access the AD datastore
when
the application is opened on the server, however running the
application from
a client causes the same error detailed below.

Am very keen to here of any suggestions for this.
Thanks,
Dean.


"bigbrorpi@xxxxxxxxx" wrote:

Hi

I have an ASP .NET 2.0 app connecting to an ADAM AzMan Store on a DC.
I
tested this from my machine and it worked fine. When I moved the app
to
a server, I get an error when it tries to initialize the AzManStore:
The system cannot open the device or file specified (Exception from
HRESULT: 0x8007006E)

I have a feeling this is due to security on the store, but I have
even
gone as far as giving Everyone the Reader permission and it still
fails. Can't seem to find much in the event logs either.

Does anybody have any ideas on how to fix this?

Thanks

.

---

• Prev by Date: SMIME Decryption
• Next by Date: Re: SMIME Decryption
• Previous by thread: SMIME Decryption
• Next by thread: Help regarding assigning Strong Names
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Roles in context ... domain resources if you were in the machine's administrator group" the ... to resources it is instead the security identifier of the logged ... Brown's security book: ... > AzMan is a component of Windows Server 2003 which can also be installed on ... (microsoft.public.dotnet.security) Re: role, domain, and user based security... ... IPrinciple, I am leaning this way but I want to understand ... I don't think AzMan supports direct mapping of users to ... were using Windows security auth with AD, ... >> what Microsoft's security model is setup to handle. ... (microsoft.public.dotnet.security) Re: Anyone out there using AzMan with WinForms solution? ... AzMan is extremely powerful, and the setup steps you described are correct. ... client machines. ... > any comments or feedback on trying to implement this type of security ... (microsoft.public.dotnet.security) Re: Custom Security Question / Guidance ... Have you taken a look at AzMan? ... precisely this sort of fine-grained control over user permissions. ... > PrincipalPermission objects. ... > security application db). ... (microsoft.public.dotnet.framework) Bug in ADAM/AzMan integration? Roles placed in AzTaskObjectContain ... in an ADAM partition. ... AzMan store in AzMan.msc, the roles don't appear at all. ... (microsoft.public.windows.server.active_directory)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.security  > 2006-07