Accessing remote network share through ASP.Net

Discussion in 'ASP .Net Web Services' started by John Fleming, Jan 29, 2006.

  1. John Fleming

    John Fleming Guest


    I am building a web application with the following components:
    2 Web Servers
    - Windows Server 2003
    - IIS 6
    - .Net Framework version 2.0
    - Reside in Domain A

    2 Clustered Database Servers
    - Windows Server 2003
    - SQL Server 2000
    - Reside in Domain B

    I am also setting up a share on the a separately partitioned drive on
    the database server cluster to act as a central repository for storing
    and retrieving documents which pertain to data in the database. To
    accomplish this, I was going to create a Windows Share on the Documents
    folder and create two accounts for access from the web servers, a User
    account which only has Read access to the share and an Admin account
    which has Read/Write access to the share and underlying folders.

    The web app was going to be separated into two ASP.Net applications,
    one for Users and the other for Admins. I was going to create a
    virtual directory on the user app which would point to the Share on the
    remote server and set the anonymous account on that virtual directory
    to be the User account I created for Reading the documents. This would
    allow anyone to be able to directly download the documents via a URL.

    For the administrative side, I was going to create a separate
    Application Pool which contains the Admin application and establish the
    Admin account with Read/Write permissions on the share as the Custom
    Service account within which the appplication would run. Therefore, I
    would know for sure that only users accessing the administrative
    application would have rights to Write to the Share.

    After researching the options for some time, I found that the easiest
    way to do this is to create either mirrored local accounts on the web
    and database servers or set up domain accounts to span both servers.
    The only problem is that I have been told by my infrastructure team
    that because the database servers are clustered, they cannot establish
    local accounts on the servers. I am not sure if this is true or not,
    but I have to go by what they tell me.

    Also, the servers are within different domains which are not trusted,
    so I don't think the domain account solution would work as I could not
    establish a domain account as the Service Account for the Application
    Pool which could span all of the servers. Somebody did mention that it
    maybe possible to establish mirrored domain accounts, however I have
    not read this anywhere in the research I conducted.

    So given the information provided above, could somebody please help me
    out with these questions:

    1. Is it possible possible to create local accounts on clustered
    servers in order to go with the mirrored local accounts solution?
    2. Is it possible to establish mirrored domain accounts for cross
    domain access?
    3. Given the scenario presented above, what is the easiest and/or best
    solution to use to implement the desired environment?

    Thanks in advance for any help.

    John Fleming
    John Fleming, Jan 29, 2006
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. John Fleming
    John Fleming
    Jan 29, 2006
  2. wheresjim
    Oct 6, 2005
  3. Dilip
    Apr 13, 2004
  4. John Fleming

    Accessing remote network share through ASP.Net

    John Fleming, Jan 29, 2006, in forum: ASP .Net Security
    Dominick Baier [DevelopMentor]
    Jan 31, 2006
  5. Saraswati lakki
    Saraswati lakki
    Jan 6, 2012

Share This Page