Re: ASP.NET impersonation - getfiles() problem
- From: "Anthony Jones" <Ant@xxxxxxxxxxxxxxxx>
- Date: Tue, 12 Feb 2008 14:58:36 -0000
"Norman Yuan" <FakeName@xxxxxxxxxxxxx> wrote in message
news:O5z$UTYbIHA.1204@xxxxxxxxxxxxxxxxxxxxxxx
news:d646eddc-ba4e-44de-97f3-3ed0a95613c1@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
"float" <marcinsvr@xxxxxxxxx> wrote in message
news:90100636-c78d-4713-b624-00f24d1d50b8@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
On 12 Lut, 11:12, "Anthony Jones" <A...@xxxxxxxxxxxxxxxx> wrote:
"float" <marcin...@xxxxxxxxx> wrote in message
http://technet2.microsoft.com/windowsserver/en/library/b207ee9c-a055-...
Hi all,
I've got problem with listing files in UNC path. Result is: Access to
the path '\\serwername\path' is denied. I'm using IIS 5.1 on WinXP
Pro. All machines in one domain. Impersonation is on.
web.config:
<system.web>
<identity impersonate="true"/>
<authentication mode="Windows"/>
</system.web>
Integrated Windows authentication checked and Anonymous access
unchecked in IIS configuration.
I've been googling on this one for a few days now and checked various
configurations - none worked. The strange thing is that when trying
this on a serwer machine it works fine, but any other machine gets
error. The other thing is: when I hardcoded my domain account and
password in the web.config all works excelent (on every machine).
If anyone got any clue what I'm doing wrong please help - I've just
run out of ideas.
A machine must be trusted and configured for delegation. IOW the file
server doesn't trust your failing machines to access its resources on
behalf
of another user.
See:-
it
--
Anthony Jones - MVP ASP/ASP.NET
Anthony,
Thanks for the reply. I've just talked to my domain admin - a sad info
is that I will not be able to "allow my computer to be trusted fo
delegation" because of inside security procedures (bla, bla, bla). The
good neews is that if You are right, and I understand You correctly
this error will be no longer if I put my web site on the serwer
instead of my local machine. (serwers in one domain are trusting each
other by default, doesn't they?)
Maybe, maybe not. You still need to let your domain administrator to make
happen.web.config,
As alternative, you could specify a domain username/password in
so that there is no need fo user identity jump from user->web server->filepassword="Password"
location, like this:
<identity impersonate="true" user="domainName\userName"
/>
I wouldn't recommend that. Better to ensure servers are entrusted for
delegation as is appropriate (I'm sure there would be no objection to that).
This allows you to maintain better control over who has access to what using
standard windows security. It also doesn't require that a valid username
/password pair be stored in this way which would make any Administrator
nervous.
--
Anthony Jones - MVP ASP/ASP.NET
.
- Follow-Ups:
- Re: ASP.NET impersonation - getfiles() problem
- From: float
- Re: ASP.NET impersonation - getfiles() problem
- References:
- ASP.NET impersonation - getfiles() problem
- From: float
- Re: ASP.NET impersonation - getfiles() problem
- From: Anthony Jones
- Re: ASP.NET impersonation - getfiles() problem
- From: float
- Re: ASP.NET impersonation - getfiles() problem
- From: Norman Yuan
- ASP.NET impersonation - getfiles() problem
- Prev by Date: Large Web Service ... How to Organize?
- Next by Date: Query Regarding Domain Checker in ASP.NET
- Previous by thread: Re: ASP.NET impersonation - getfiles() problem
- Next by thread: Re: ASP.NET impersonation - getfiles() problem
- Index(es):
Relevant Pages
|
