About ASP.NET Impersonation:

Discussion in 'ASP .Net' started by =?Utf-8?B?QW5kcmV3?=, Dec 14, 2005.

  1. Hello, friends,

    Our asp.net app needs to access other servers from our IIS servers. In
    web.config, we set:

    <identity impersonate="true"/>

    However, this works on some IIS servers, and does not work on the rest of
    IIS servers. We have to explicitly set:

    <identity impersonate="true" userName="IISGroup\userName"
    password="password" />

    to make it work again.

    Why? Any ideas? We don't want to have userName/password in web.config...

    Thanks a lot.
     
    =?Utf-8?B?QW5kcmV3?=, Dec 14, 2005
    #1
    1. Advertising

  2. =?Utf-8?B?QW5kcmV3?=

    Bruce Barker Guest

    standand nt creditials can not be forwarded. if iis impersonates the client,
    it does not have a primary security token, and thus can not use to access a
    network resource (1 hop rule).

    to get around you have to switch to kerberos from ntlm, and enable
    creditials forwarding (a server option) on all the network resources. see:

    http://support.microsoft.com/default.aspx?scid=kb;en-us;810572


    -- bruce (sqlwork.com)



    "Andrew" <> wrote in message
    news:D...
    > Hello, friends,
    >
    > Our asp.net app needs to access other servers from our IIS servers. In
    > web.config, we set:
    >
    > <identity impersonate="true"/>
    >
    > However, this works on some IIS servers, and does not work on the rest of
    > IIS servers. We have to explicitly set:
    >
    > <identity impersonate="true" userName="IISGroup\userName"
    > password="password" />
    >
    > to make it work again.
    >
    > Why? Any ideas? We don't want to have userName/password in web.config...
    >
    > Thanks a lot.
     
    Bruce Barker, Dec 14, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Raymond Basque

    Re: ASP.NET Fails after SP4 with Impersonation

    Raymond Basque, Jun 27, 2003, in forum: ASP .Net
    Replies:
    3
    Views:
    544
  2. Bassel Tabbara [MSFT]

    RE: ASP.NET Fails after SP4 with Impersonation

    Bassel Tabbara [MSFT], Jun 27, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    518
    Michael Kennedy [UB]
    Jun 28, 2003
  3. Hidulf
    Replies:
    1
    Views:
    468
    Michael Kennedy [UB]
    Jun 30, 2003
  4. Bjoern Wolfgardt

    Re: Impersonation in ASP.Net

    Bjoern Wolfgardt, Jul 21, 2003, in forum: ASP .Net
    Replies:
    2
    Views:
    362
    Sanjay Poojari
    Jul 21, 2003
  5. Bjoern Wolfgardt

    Re: Impersonation in ASP.Net

    Bjoern Wolfgardt, Jul 21, 2003, in forum: ASP .Net
    Replies:
    2
    Views:
    383
    Jerry
    Aug 8, 2003
Loading...

Share This Page