ASP.net authentication issue

Discussion in 'ASP .Net' started by Peter, Jul 28, 2009.

  1. Peter

    Peter Guest

    Hi

    My IIS is running on a domain server and requires authentication for all AD
    users to access my application. I would like to have my application to
    access some of the resources (e.g Event logs) on a remote server, which is
    on the same domain as the IIS server. Can I use the authenticated user
    account to acess other servers in the application instead of using the
    default IIS ASP account (since this account do not have sufficient rights on
    all other servers) ? In that case, access rights can depends on the
    Authenticated user.

    Thanks
    Peter
    Peter, Jul 28, 2009
    #1
    1. Advertising

  2. "Peter" <> wrote in
    news::

    > Hi
    >
    > My IIS is running on a domain server and requires authentication for
    > all AD users to access my application. I would like to have my
    > application to access some of the resources (e.g Event logs) on a
    > remote server, which is on the same domain as the IIS server. Can I
    > use the authenticated user account to acess other servers in the
    > application instead of using the default IIS ASP account (since this
    > account do not have sufficient rights on all other servers) ? In
    > that case, access rights can depends on the Authenticated user.


    If you log the person into your site (which can be done without a log in
    screen with proper permissions), you can impersonate the user to get at
    other resources.

    The event log may be tricky, however, even with a domain user. This is
    not guaranteed, as I have not done it, but I have found that contacting
    resources outside of IIS is tricky, esp. on other machines.

    If you end up with a problem, you could potentially set up a windows
    service on the IIS box and call to it for the information. A simply WCF
    service end for the windows service can save you tons of heartache. Take
    the time to spec this out completely before starting the work, as you
    need to really think through this type of system.

    Good luck!


    --
    Gregory A. Beamer
    MVP; MCP: +I, SE, SD, DBA

    Twitter: @gbworld
    Blog: http://gregorybeamer.spaces.live.com

    *******************************************
    | Think outside the box! |
    *******************************************
    Gregory A. Beamer, Jul 28, 2009
    #2
    1. Advertising

  3. Peter

    Peter Guest

    Hi Gregory

    I currently have no problem getting the logs from the server running the IIS
    but do not know what to start with when trying to connect to other machines
    on the same domain. Any suggestion on how to start with ? I have
    impersonate set to true in the web.config and have no problem getting the
    authenticated users' information.

    Thanks
    Peter

    "Gregory A. Beamer" <> wrote in message
    news:Xns9C565867AEB77gbworld@207.46.248.16...
    > "Peter" <> wrote in
    > news::
    >
    >> Hi
    >>
    >> My IIS is running on a domain server and requires authentication for
    >> all AD users to access my application. I would like to have my
    >> application to access some of the resources (e.g Event logs) on a
    >> remote server, which is on the same domain as the IIS server. Can I
    >> use the authenticated user account to acess other servers in the
    >> application instead of using the default IIS ASP account (since this
    >> account do not have sufficient rights on all other servers) ? In
    >> that case, access rights can depends on the Authenticated user.

    >
    > If you log the person into your site (which can be done without a log in
    > screen with proper permissions), you can impersonate the user to get at
    > other resources.
    >
    > The event log may be tricky, however, even with a domain user. This is
    > not guaranteed, as I have not done it, but I have found that contacting
    > resources outside of IIS is tricky, esp. on other machines.
    >
    > If you end up with a problem, you could potentially set up a windows
    > service on the IIS box and call to it for the information. A simply WCF
    > service end for the windows service can save you tons of heartache. Take
    > the time to spec this out completely before starting the work, as you
    > need to really think through this type of system.
    >
    > Good luck!
    >
    >
    > --
    > Gregory A. Beamer
    > MVP; MCP: +I, SE, SD, DBA
    >
    > Twitter: @gbworld
    > Blog: http://gregorybeamer.spaces.live.com
    >
    > *******************************************
    > | Think outside the box! |
    > *******************************************
    Peter, Jul 29, 2009
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Brett Porter
    Replies:
    2
    Views:
    733
    Andrea D'Onofrio [MSFT]
    Jan 20, 2004
  2. Brett Porter
    Replies:
    2
    Views:
    178
    Andrea D'Onofrio [MSFT]
    Jan 20, 2004
  3. Fabio Gouw

    ASP.NET Authentication and Windows Authentication

    Fabio Gouw, Nov 15, 2004, in forum: ASP .Net Security
    Replies:
    2
    Views:
    134
    Ken Schaefer
    Nov 16, 2004
  4. nenzax
    Replies:
    1
    Views:
    217
    Dominick Baier [DevelopMentor]
    Dec 18, 2005
  5. Michael D. Ober
    Replies:
    6
    Views:
    280
    Michael D. Ober
    Oct 30, 2006
Loading...

Share This Page