Re: Permission required to execute a DTS package from ASP.NET applicatio?!!

if using the logged user account is optional and if you can impersonate
using another user account, then try it. (provide a spcific username /
password in the impersonate tag of the web.config file)

or... you can open a DTS package by providing a specific user / password
instead-of the integrated security. also use SQL Server accounts for the
connections in your package.


"J-T" <JT@xxxxxxxxxx> wrote in message
news:O4lyGWBiFHA.2152@xxxxxxxxxxxxxxxxxxxxxxx
> Thanks for your nice reply.
> I cannot implement kerbreros.How about this?
>
> I will impersonate under a local account of web server and then I
> duplicate that account in sql server as SQL SERVER Authentication and then
> I will give that account all the right permission sets to run the packages
> .
>
> Thanks
>
> "Jéjé" <willgart@xxxxxxxxxxxxxxxxx> wrote in message
> news:%23mPihwAiFHA.720@xxxxxxxxxxxxxxxxxxxxxxx
>> ok
>> the problem is a Kerberos issue!
>>
>> are you using the active directory?
>> trust your webserver in the active directory, this allow the computer to
>> delegates the end user access. (look at the properties of the computer
>> account in the AD)
>> if your ASP.Net application run under a specific user account (your app
>> pool run under a domain user), then you have to download the setspn
>> utility.
>> then use it like this:
>>
>> setspn -a http/webservername domain\apppooluser
>>
>> this command allow the domain\apppooluser user to delegates the end user
>> login during impersonation.
>>
>> but...
>> 1. your end user must be in the Active Directory too
>> 2. the client computer must be on the same network withtout firewall
>> between the station and the web server (the kerberos delegation dislike
>> firewalls)
>>
>> or use the basic authentication for the web server, because the basic
>> authentication "display" the password, then the ASP.net application use
>> the login / password when there is a back end access.
>>
>> "J-T" <JT@xxxxxxxxxx> wrote in message
>> news:eNHQhl8hFHA.3300@xxxxxxxxxxxxxxxxxxxxxxx
>>> Thanks Jeje,
>>>
>>>> have you setup the impersonation in the web.config file?
>>> Yes,I've enabled impersonation in my application and that's why it is
>>> under the security context of my account "Domain\My UserName".
>>>
>>>> does SQL server is on the same server as your ASP.net application?
>>> No they are in different boxes!!! I think this is the problem
>>>
>>>> do you use NTLM or Basic authentication?
>>> I'm using NTLM (Windows integrated security).
>>>
>>> Thanks again
>>>
>>>
>>> "Jéjé" <willgart@xxxxxxxxxxxxxxxxx> wrote in message
>>> news:uWzExP2hFHA.1968@xxxxxxxxxxxxxxxxxxxxxxx
>>>> does SQL server is on the same server as your ASP.net application?
>>>> do you use NTLM or Basic authentication?
>>>> have you setup the impersonation in the web.config file?
>>>>
>>>> "Ray5531" <Ray5531@xxxxxxxxxxxxx> wrote in message
>>>> news:usCQ510hFHA.1372@xxxxxxxxxxxxxxxxxxxxxxx
>>>>> Hello,
>>>>>
>>>>> I'm calling a DTS package from my asp.net application.Apparently
>>>>> because of permission issue I canot run the package within the sql
>>>>> server ,because when I set it to call a package from my local host it
>>>>> can execute te package.one step before calling the package I get the
>>>>> IDENTITY of the current security context and it is my Domian user name
>>>>> and I'm using IntegratedSecurity to call the DTS package.I'm also
>>>>> memeber of sysadmin rols in Database.Do I have to give it extra
>>>>> permissions?
>>>>>
>>>>> Thasnk
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>


.

Relevant Pages

  • [NT] Named Pipe Filename Local Privilege Escalation
    ... By specifying the name of a named pipe instead of a file, ... impersonate the user account Microsoft SQL Server is running under. ...
    (Securiteam)
  • Re: Connecting to SQLServer 2000 from ASP.NET
    ... Integrated windows authentication or Forms authentication) and it should ... with a developer's domain account. ... It should be OK to have the impersonate settings in machine.config ... meant to be a remedy in the development enviroment, whereby the SQL Server ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Sql Reporting Serviced - > ASP.NET ACCESS DENIED!
    ... The account you are logging in to when on the server doesn't have the ... do you have <Impersonate> set to True? ... > Exception Details: System.UnauthorizedAccessException: Access to the path ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: How to use WindowsPrincipal properly??
    ... > If you want to check if the user is in the local computers security group ... > used by the general public you have to use Basic Authentication of course. ... You can logon a set account ... > WindowsIndentity which is then used to Impersonate. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: Impersonate
    ... saving a Excel document in ASP.NET webapplication, ... Regarding on the problem you mentioned, I think the account is the first ... You should either impersonate through the web.config setting or use code. ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet.security)