RE: Windows Authentication
From: Alvin Zhao[MSFT] (alvinzh@online.microsoft.com)
Date: 01/07/03
- Next message: Jan Schmitz: "Protect MSDE-Database against manipulation"
- Previous message: John Bell: "Re: Attempted accesses from/to internet sites"
- In reply to: Eran Librach: "Windows Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: alvinzh@online.microsoft.com (Alvin Zhao[MSFT]) Date: Tue, 07 Jan 2003 11:49:19 GMT
Hi,
As a follow-up of Eran's reply, you can perform your own impersonation in
order to create a thread token that does have network access. The LogonUser
and ImpersonateLoggedOnUser functions can be used to impersonate a
different account. This requires that you have the clear text username and
password of another account available to your code. LogonUser also requires
that the account that calls it has the "Act as part of the operating
system" privilege in User Manager.
To do this, you can use LogonUser to get an impersonation token for the
specified user, and then call ImpersonateLoggedOnUser to impersonate that
user on the current thread. Then any calls that you make through ADO on
that same thread should use the current thread's token when making the
integrated security connection to SQL Server.
Sincerely,
Alvin Zhao
Microsoft Support
This posting is provided "AS IS" with no warranties, and confers no rights.
- Next message: Jan Schmitz: "Protect MSDE-Database against manipulation"
- Previous message: John Bell: "Re: Attempted accesses from/to internet sites"
- In reply to: Eran Librach: "Windows Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
