Re: Accessing shares on other servers

this will not work unless you are using kerberos and enable creditials
forwarding.

this is due to the 1 hop rule, as asp.net does not have the users primary
token, so it can access networks services.

-- bruce (sqlwork.com)



"S.M. Altaf [MVP]" <smaltaf@xxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:eySGldayFHA.3312@xxxxxxxxxxxxxxxxxxxxxxx
> Kev,
>
> You may be using Windows Authentication, but when your ASP.NET application
> attempts to access those files, it does so under the security context of
> the ASP.NET worker process. What you need to do is to set user
> impersonation in your ASP.NET application so that the application runs
> under the security context of the person who is using it.
>
> Open up your web.config file, and change the impersonate tag to look like
> this:
>
> <identity impersonate="true" />
>
>
> Read more about impersonation on MSDN:
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vsent7/html/vxconImpersonation.asp
>
> HTH,
> S.M. Altaf
> [MVP - VB]
>
> --------------------------------------------------------------------------------
> All that glitters has a high refractive index.
> www.mendhak.com
>
>
> "Mantorok" <none@xxxxxxxxxxxxx> wrote in message
> news:di07c5$cbs$1@xxxxxxxxxxxxxxxxxxxxxx
>> Hi
>>
>> I have an app and during some code-behind it attempts to fetch some files
>> from another server-share, IIS is configured to use the users
>> windows-login as authentication and although we have access to this share
>> on the other server an exception is thrown, the app says "Access Denied"
>> and waffles on about giving the ASPNET machine account access to the
>> share - but we don't need to do this as we are using windows
>> authentication.
>>
>> Any ideas? I'm confused.
>>
>> Kev
>>
>
>


.

Relevant Pages

  • Re: Remote control of windows service with windows 2003 server
    ... Impersonation is more difficult in forms authentication. ... you are passing the username and password for a windows account. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Remote control of windows service with windows 2003 server
    ... I think that I could also use Windows Authentication instead of Web Form ... > Impersonation is more difficult in forms authentication. ... >>2) Are there any relationship between Windows password of a Windows User ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: WindowsAuthentication from code
    ... I think impersonation is not really what is needed here. ... I think that in whole this windows ... some authentication has happened. ... authentication actually browser sends credentials with every request no ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Accessing shares on other servers
    ... You may be using Windows Authentication, ... it does so under the security context of the ... Read more about impersonation on MSDN: ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Change in ASP.Net authentication between Win2000 and Win2003
    ... > is turning on/off Kerberos is occuring. ... It control how IE deals with "Authentication: ... when you put IIS6 in a domain and have "Integrated Windows Authentication" ...
    (microsoft.public.windows.server.security)