Re: IWAM running as IUSR
From: BB (Bernard_at_3exp.com)
Date: 02/24/03
- Next message: BB: "Re: The Page Cannot Be Displayed"
- Previous message: BB: "Re: IIS - Access denied by ACL"
- In reply to: at: "Re: IWAM running as IUSR"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "BB" <Bernard_at_3exp.com> Date: Mon, 24 Feb 2003 11:39:06 +0800
Take IWAM is a bus and IUSR is the passenger.
Rgds.
"at" <tarasul@hotmail.com> wrote in message
news:#8vrmm02CHA.1608@TK2MSFTNGP09.phx.gbl...
> Resolved myself - process running as IWAM and impersonate aonymous user as
> IUSR. sic
>
> "at" <tarasul@hotmail.com> wrote in message
> news:#KZyXUr2CHA.1912@TK2MSFTNGP12.phx.gbl...
> > Hello,
> >
> > I'm running IIS5 on standalone Win2K server. It was absolutely clear for
> me
> > that when I run web application in high isolation it's running as IWAM.
> > Checking component services snap-in confirms this again
> > Then I've wrote 4 lines asp which opens trusted connection to local SQL
> > Server. SQL Server configured to allow connection from both IUSR and
IWAM
> > accounts. SQL connection is made as IUSR, not IWAM (!!!)
> > Another 2 lines asp access file system (objFSO.OpenTextFile) and it's
> again
> > happen as IUSR (I've enabled auditing on the file).
> >
> > The TokenMon do show that some activity happen on IWAM account for
> > dllhost.exe, but then this thread again impersonate as IUSR.
> >
> > So what is running as IWAM account? What's going on? I've never see this
> > documented.
> >
> > Also the legend that isolated process have low priviledge is a bit
> > exaggarated - a lot of activity on "isolated" dllhost.exe is happen
under
> > SYSTEM account.
> >
> >
> > Thanks
> > Alexander
> >
> >
>
>
- Next message: BB: "Re: The Page Cannot Be Displayed"
- Previous message: BB: "Re: IIS - Access denied by ACL"
- In reply to: at: "Re: IWAM running as IUSR"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
