Re: ASP and LogonUser

From: Egbert Nierop \(MVP for IIS\) (egbert_nierop@nospam.com)
Date: 04/24/03

• Next message: Jannie Hanekom: "Re: iislockdown - workaround for NT4 clients viewing NTFS security?"
• Previous message: Andrew Goodale: "ASP and LogonUser"
• In reply to: Andrew Goodale: "ASP and LogonUser"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Egbert Nierop \(MVP for IIS\)" <egbert_nierop@nospam.com>
Date: Thu, 24 Apr 2003 19:17:40 +0200

"Andrew Goodale" <agoodale@eroom.com> wrote in message
news:eTg5GMoCDHA.2920@TK2MSFTNGP11.phx.gbl...
> I am building a COM component which needs to impersonate a local user
> account to access certain resources.
>
> My question is, since even out-of-process apps impersonate the IUSR
> account to handle ASP requests, how does a process running under the
> IWAM privilege get the impersonation token for IUSR? Is there a "super
> secret" windows API that IIS uses? I would like to avoid having to tell
> customers to enable the SE_TCB_NAME privilege for IWAM if I can.
Unfortunately, this privilage is needed until Windows 2000. On windows 2003
and XP it is not needed. Being administrative is sufficient then...
> Thanks,
>
> Andrew Goodale
> Developer, Choreographer
> Documentum, Inc.
>

• Next message: Jannie Hanekom: "Re: iislockdown - workaround for NT4 clients viewing NTFS security?"
• Previous message: Andrew Goodale: "ASP and LogonUser"
• In reply to: Andrew Goodale: "ASP and LogonUser"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Save File to Different Domain - 2nd Post ... Sometimes you might need to obtain a Windows NT account token to impersonate ... Imports System.Collections ... (microsoft.public.dotnet.framework.aspnet.security) Re: Impersonation on a domain controller ... I have turned on windows authentication In IIS. ... have got the asp.net account. ... ASP.NET does not work with the default ASPNET account on a domain controller ... IWAM Account Is Not Granted the Impersonate Privilege for ASP.NET 1.1 on a Windows 2000 Domain ... (microsoft.public.dotnet.framework.aspnet.security) Re: programmatically login using LDAP and impersonation ... In Windows 2003 domains you can impersonat an account by using the UPN ... I need to impersonate an intranet Active ... will only allow windows authentication, ... (microsoft.public.dotnet.framework.aspnet.security) Impersonation on Windows Server 2003 ... I have an ASP.NET application that I'm developing on Windows 2003 and IIS 6. ... I have tried to impersonate the administrative account two different ways: ... the account I impersonate is in the Administrators group on the server. ... (microsoft.public.dotnet.framework.aspnet.security) Re: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator ... This is common in most Pre-Installed Windows System. ... > Administrator account allows local Administrator ... IBM Systems with preinstalled Microsoft ... (Bugtraq)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint