ASPNET account for windows 2000 server

Discussion in 'ASP .Net' started by =?Utf-8?B?ZGF2aWQ=?=, Aug 20, 2007.

  1. I am trying to setup ASPNET account for .NET application to access database
    (SQL Server 2000) by
    aspnet_regiis -i in the directory C:\WINNT\Microsoft.NET\Framework\v1.1.4322

    After running it, I got a successful installed information. But I can not
    find this account in Active Directory.

    The authentication uses Active Directory.

    David
     
    =?Utf-8?B?ZGF2aWQ=?=, Aug 20, 2007
    #1
    1. Advertising

  2. =?Utf-8?B?ZGF2aWQ=?=

    Norman Yuan Guest

    ASPNET account is an account local to the IIS server where your APS.NET
    application runs.


    "david" <> wrote in message
    news:...
    >I am trying to setup ASPNET account for .NET application to access database
    > (SQL Server 2000) by
    > aspnet_regiis -i in the directory
    > C:\WINNT\Microsoft.NET\Framework\v1.1.4322
    >
    > After running it, I got a successful installed information. But I can not
    > find this account in Active Directory.
    >
    > The authentication uses Active Directory.
    >
    > David
     
    Norman Yuan, Aug 20, 2007
    #2
    1. Advertising

  3. =?Utf-8?B?ZGF2aWQ=?=

    Steve Guest

    The ASPNET account is added to the local user database, not Active
    Directory. You'll need to manually add it yourself if you want it to
    have AD credentials, although you might be better off using
    impersonation, since you have Windows Authentication enabled. Better
    security, in my opinion.


    Steve C.
    MCAD,MCSE,MCP+I,CNE,CNA,CCNA


    david wrote:
    > I am trying to setup ASPNET account for .NET application to access database
    > (SQL Server 2000) by
    > aspnet_regiis -i in the directory C:\WINNT\Microsoft.NET\Framework\v1.1.4322
    >
    > After running it, I got a successful installed information. But I can not
    > find this account in Active Directory.
    >
    > The authentication uses Active Directory.
    >
    > David
     
    Steve, Aug 20, 2007
    #3
  4. Re: ASPNET account for windows 2000 servers

    All user accounts in my server in Active Directory User and Computers.

    My system is small business 2000 server.

    David

    "Steve" wrote:

    > The ASPNET account is added to the local user database, not Active
    > Directory. You'll need to manually add it yourself if you want it to
    > have AD credentials, although you might be better off using
    > impersonation, since you have Windows Authentication enabled. Better
    > security, in my opinion.
    >
    >
    > Steve C.
    > MCAD,MCSE,MCP+I,CNE,CNA,CCNA
    >
    >
    > david wrote:
    > > I am trying to setup ASPNET account for .NET application to access database
    > > (SQL Server 2000) by
    > > aspnet_regiis -i in the directory C:\WINNT\Microsoft.NET\Framework\v1.1.4322
    > >
    > > After running it, I got a successful installed information. But I can not
    > > find this account in Active Directory.
    > >
    > > The authentication uses Active Directory.
    > >
    > > David

    >
     
    =?Utf-8?B?ZGF2aWQ=?=, Aug 20, 2007
    #4
  5. About the local Users and Groups in my server:
    I go to My Computer, and Manage and click on Local Users and Groups. I have
    the following message:
    The computer is a domain controller. This snap-in cannot be used on a domain
    controller. Domain accounts are managed with the Active Directory Users and
    Computers snap-in.

    Dabin

    "Steve" wrote:

    > The ASPNET account is added to the local user database, not Active
    > Directory. You'll need to manually add it yourself if you want it to
    > have AD credentials, although you might be better off using
    > impersonation, since you have Windows Authentication enabled. Better
    > security, in my opinion.
    >
    >
    > Steve C.
    > MCAD,MCSE,MCP+I,CNE,CNA,CCNA
    >
    >
    > david wrote:
    > > I am trying to setup ASPNET account for .NET application to access database
    > > (SQL Server 2000) by
    > > aspnet_regiis -i in the directory C:\WINNT\Microsoft.NET\Framework\v1.1.4322
    > >
    > > After running it, I got a successful installed information. But I can not
    > > find this account in Active Directory.
    > >
    > > The authentication uses Active Directory.
    > >
    > > David

    >
     
    =?Utf-8?B?ZGF2aWQ=?=, Aug 20, 2007
    #5
  6. =?Utf-8?B?ZGF2aWQ=?=

    Norman Yuan Guest

    Re: ASPNET account for windows 2000 servers

    If your server is also domain controller, then there would be no local user
    account. If you have to run your ASP.NET application on this server, you
    need to some special configuration. Search MS Knowledge Base, there are a
    few articles on running IIS/ASP.NET apps on domain controller. such as:

    http://support.microsoft.com/kb/315158

    and

    http://msdn2.microsoft.com/en-us/library/aa579070.aspx





    "david" <> wrote in message
    news:...
    > All user accounts in my server in Active Directory User and Computers.
    >
    > My system is small business 2000 server.
    >
    > David
    >
    > "Steve" wrote:
    >
    >> The ASPNET account is added to the local user database, not Active
    >> Directory. You'll need to manually add it yourself if you want it to
    >> have AD credentials, although you might be better off using
    >> impersonation, since you have Windows Authentication enabled. Better
    >> security, in my opinion.
    >>
    >>
    >> Steve C.
    >> MCAD,MCSE,MCP+I,CNE,CNA,CCNA
    >>
    >>
    >> david wrote:
    >> > I am trying to setup ASPNET account for .NET application to access
    >> > database
    >> > (SQL Server 2000) by
    >> > aspnet_regiis -i in the directory
    >> > C:\WINNT\Microsoft.NET\Framework\v1.1.4322
    >> >
    >> > After running it, I got a successful installed information. But I can
    >> > not
    >> > find this account in Active Directory.
    >> >
    >> > The authentication uses Active Directory.
    >> >
    >> > David

    >>
     
    Norman Yuan, Aug 20, 2007
    #6
  7. Re: ASPNET account for windows 2000 servers

    re:
    !> All user accounts in my server in Active Directory User and Computers.

    The local accounts aren't added to Active Directory.
    You can add it manually, or take the advice to impersonate.

    I'd impersonate any existing AD account, and give it
    the necessary directory permissions, if I were you.

    Here's a guideline for doing this for the .Net Framework 1.1 :

    http://msdn2.microsoft.com/en-us/library/kwzs111e(vs.71).aspx





    Juan T. Llibre, asp.net MVP
    asp.net faq : http://asp.net.do/faq/
    foros de asp.net, en español : http://asp.net.do/foros/
    ======================================
    "david" <> wrote in message news:...
    > All user accounts in my server in Active Directory User and Computers.
    >
    > My system is small business 2000 server.
    >
    > David
    >
    > "Steve" wrote:
    >
    >> The ASPNET account is added to the local user database, not Active
    >> Directory. You'll need to manually add it yourself if you want it to
    >> have AD credentials, although you might be better off using
    >> impersonation, since you have Windows Authentication enabled. Better
    >> security, in my opinion.
    >>
    >>
    >> Steve C.
    >> MCAD,MCSE,MCP+I,CNE,CNA,CCNA
    >>
    >>
    >> david wrote:
    >> > I am trying to setup ASPNET account for .NET application to access database
    >> > (SQL Server 2000) by
    >> > aspnet_regiis -i in the directory C:\WINNT\Microsoft.NET\Framework\v1.1.4322
    >> >
    >> > After running it, I got a successful installed information. But I can not
    >> > find this account in Active Directory.
    >> >
    >> > The authentication uses Active Directory.
    >> >
    >> > David

    >>
     
    Juan T. Llibre, Aug 20, 2007
    #7
  8. Re: ASPNET account for windows 2000 servers

    Thank you, Norman and Steve.

    I will read them and then reply to you.

    David

    "Norman Yuan" wrote:

    > If your server is also domain controller, then there would be no local user
    > account. If you have to run your ASP.NET application on this server, you
    > need to some special configuration. Search MS Knowledge Base, there are a
    > few articles on running IIS/ASP.NET apps on domain controller. such as:
    >
    > http://support.microsoft.com/kb/315158
    >
    > and
    >
    > http://msdn2.microsoft.com/en-us/library/aa579070.aspx
    >
    >
    >
    >
    >
    > "david" <> wrote in message
    > news:...
    > > All user accounts in my server in Active Directory User and Computers.
    > >
    > > My system is small business 2000 server.
    > >
    > > David
    > >
    > > "Steve" wrote:
    > >
    > >> The ASPNET account is added to the local user database, not Active
    > >> Directory. You'll need to manually add it yourself if you want it to
    > >> have AD credentials, although you might be better off using
    > >> impersonation, since you have Windows Authentication enabled. Better
    > >> security, in my opinion.
    > >>
    > >>
    > >> Steve C.
    > >> MCAD,MCSE,MCP+I,CNE,CNA,CCNA
    > >>
    > >>
    > >> david wrote:
    > >> > I am trying to setup ASPNET account for .NET application to access
    > >> > database
    > >> > (SQL Server 2000) by
    > >> > aspnet_regiis -i in the directory
    > >> > C:\WINNT\Microsoft.NET\Framework\v1.1.4322
    > >> >
    > >> > After running it, I got a successful installed information. But I can
    > >> > not
    > >> > find this account in Active Directory.
    > >> >
    > >> > The authentication uses Active Directory.
    > >> >
    > >> > David
    > >>

    >
    >
     
    =?Utf-8?B?ZGF2aWQ=?=, Aug 20, 2007
    #8
  9. Re: ASPNET account for windows 2000 servers

    re:
    !> If your server is also domain controller
    !> If you have to run your ASP.NET application on this server
    !> running IIS/ASP.NET apps on domain controller

    Definitely not recommended.




    Juan T. Llibre, asp.net MVP
    asp.net faq : http://asp.net.do/faq/
    foros de asp.net, en español : http://asp.net.do/foros/
    ======================================
    "Norman Yuan" <> wrote in message news:%23F%23Jb$...
    > If your server is also domain controller, then there would be no local user account. If you have to run your ASP.NET
    > application on this server, you need to some special configuration. Search MS Knowledge Base, there are a few articles
    > on running IIS/ASP.NET apps on domain controller. such as:
    >
    > http://support.microsoft.com/kb/315158
    >
    > and
    >
    > http://msdn2.microsoft.com/en-us/library/aa579070.aspx
    >
    >
    >
    >
    >
    > "david" <> wrote in message news:...
    >> All user accounts in my server in Active Directory User and Computers.
    >>
    >> My system is small business 2000 server.
    >>
    >> David
    >>
    >> "Steve" wrote:
    >>
    >>> The ASPNET account is added to the local user database, not Active
    >>> Directory. You'll need to manually add it yourself if you want it to
    >>> have AD credentials, although you might be better off using
    >>> impersonation, since you have Windows Authentication enabled. Better
    >>> security, in my opinion.
    >>>
    >>>
    >>> Steve C.
    >>> MCAD,MCSE,MCP+I,CNE,CNA,CCNA
    >>>
    >>>
    >>> david wrote:
    >>> > I am trying to setup ASPNET account for .NET application to access database
    >>> > (SQL Server 2000) by
    >>> > aspnet_regiis -i in the directory C:\WINNT\Microsoft.NET\Framework\v1.1.4322
    >>> >
    >>> > After running it, I got a successful installed information. But I can not
    >>> > find this account in Active Directory.
    >>> >
    >>> > The authentication uses Active Directory.
    >>> >
    >>> > David
    >>>

    >
     
    Juan T. Llibre, Aug 20, 2007
    #9
  10. =?Utf-8?B?ZGF2aWQ=?=

    Norman Yuan Guest

    Re: ASPNET account for windows 2000 servers

    For many small offices, they may not have the luxury to have another
    computer to run web apps. A server may have to do everythihng: domain
    controller, file/print server, and even exchange, IIS and SQL Server... all
    on single server. That is why the OP mentions "Small business server".


    "Juan T. Llibre" <> wrote in message
    news:...
    > re:
    > !> If your server is also domain controller
    > !> If you have to run your ASP.NET application on this server
    > !> running IIS/ASP.NET apps on domain controller
    >
    > Definitely not recommended.
    >
    >
    >
    >
    > Juan T. Llibre, asp.net MVP
    > asp.net faq : http://asp.net.do/faq/
    > foros de asp.net, en español : http://asp.net.do/foros/
    > ======================================
    > "Norman Yuan" <> wrote in message
    > news:%23F%23Jb$...
    >> If your server is also domain controller, then there would be no local
    >> user account. If you have to run your ASP.NET application on this server,
    >> you need to some special configuration. Search MS Knowledge Base, there
    >> are a few articles on running IIS/ASP.NET apps on domain controller. such
    >> as:
    >>
    >> http://support.microsoft.com/kb/315158
    >>
    >> and
    >>
    >> http://msdn2.microsoft.com/en-us/library/aa579070.aspx
    >>
    >>
    >>
    >>
    >>
    >> "david" <> wrote in message
    >> news:...
    >>> All user accounts in my server in Active Directory User and Computers.
    >>>
    >>> My system is small business 2000 server.
    >>>
    >>> David
    >>>
    >>> "Steve" wrote:
    >>>
    >>>> The ASPNET account is added to the local user database, not Active
    >>>> Directory. You'll need to manually add it yourself if you want it to
    >>>> have AD credentials, although you might be better off using
    >>>> impersonation, since you have Windows Authentication enabled. Better
    >>>> security, in my opinion.
    >>>>
    >>>>
    >>>> Steve C.
    >>>> MCAD,MCSE,MCP+I,CNE,CNA,CCNA
    >>>>
    >>>>
    >>>> david wrote:
    >>>> > I am trying to setup ASPNET account for .NET application to access
    >>>> > database
    >>>> > (SQL Server 2000) by
    >>>> > aspnet_regiis -i in the directory
    >>>> > C:\WINNT\Microsoft.NET\Framework\v1.1.4322
    >>>> >
    >>>> > After running it, I got a successful installed information. But I can
    >>>> > not
    >>>> > find this account in Active Directory.
    >>>> >
    >>>> > The authentication uses Active Directory.
    >>>> >
    >>>> > David
    >>>>

    >>

    >
    >
     
    Norman Yuan, Aug 20, 2007
    #10
  11. Re: ASPNET account for windows 2000 servers

    re:
    !> For many small offices, they may not have the luxury to have another computer to run web apps.

    I know that. It's still not *recommended*.
    The problem is that a security breach would compromise the whole domain.

    The way to go about it is to create a custom account to run ASP.NET,
    and give that account only the security rights it needs to run ASP.NET
    so that a security breach edoesn't compromise the domain, but only the
    system areas where the ASP.NET account has permissions to.

    That's why I suggested, earlier, that :

    !> I'd impersonate any existing AD account, and give it
    !> the necessary directory permissions, if I were you.

    !> Here's a guideline for doing this for the .Net Framework 1.1 :

    !> http://msdn2.microsoft.com/en-us/library/kwzs111e(vs.71).aspx

    An ad-hoc account, created especially for that purpose, would work just as well.




    Juan T. Llibre, asp.net MVP
    asp.net faq : http://asp.net.do/faq/
    foros de asp.net, en español : http://asp.net.do/foros/
    ======================================
    "Norman Yuan" <> wrote in message news:%...
    > For many small offices, they may not have the luxury to have another computer to run web apps. A server may have to do
    > everythihng: domain controller, file/print server, and even exchange, IIS and SQL Server... all on single server. That
    > is why the OP mentions "Small business server".
    >
    >
    > "Juan T. Llibre" <> wrote in message news:...
    >> re:
    >> !> If your server is also domain controller
    >> !> If you have to run your ASP.NET application on this server
    >> !> running IIS/ASP.NET apps on domain controller
    >>
    >> Definitely not recommended.
    >>
    >>
    >>
    >>
    >> Juan T. Llibre, asp.net MVP
    >> asp.net faq : http://asp.net.do/faq/
    >> foros de asp.net, en español : http://asp.net.do/foros/
    >> ======================================
    >> "Norman Yuan" <> wrote in message news:%23F%23Jb$...
    >>> If your server is also domain controller, then there would be no local user account. If you have to run your ASP.NET
    >>> application on this server, you need to some special configuration. Search MS Knowledge Base, there are a few
    >>> articles on running IIS/ASP.NET apps on domain controller. such as:
    >>>
    >>> http://support.microsoft.com/kb/315158
    >>>
    >>> and
    >>>
    >>> http://msdn2.microsoft.com/en-us/library/aa579070.aspx
    >>>
    >>>
    >>>
    >>>
    >>>
    >>> "david" <> wrote in message
    >>> news:...
    >>>> All user accounts in my server in Active Directory User and Computers.
    >>>>
    >>>> My system is small business 2000 server.
    >>>>
    >>>> David
    >>>>
    >>>> "Steve" wrote:
    >>>>
    >>>>> The ASPNET account is added to the local user database, not Active
    >>>>> Directory. You'll need to manually add it yourself if you want it to
    >>>>> have AD credentials, although you might be better off using
    >>>>> impersonation, since you have Windows Authentication enabled. Better
    >>>>> security, in my opinion.
    >>>>>
    >>>>>
    >>>>> Steve C.
    >>>>> MCAD,MCSE,MCP+I,CNE,CNA,CCNA
    >>>>>
    >>>>>
    >>>>> david wrote:
    >>>>> > I am trying to setup ASPNET account for .NET application to access database
    >>>>> > (SQL Server 2000) by
    >>>>> > aspnet_regiis -i in the directory C:\WINNT\Microsoft.NET\Framework\v1.1.4322
    >>>>> >
    >>>>> > After running it, I got a successful installed information. But I can not
    >>>>> > find this account in Active Directory.
    >>>>> >
    >>>>> > The authentication uses Active Directory.
    >>>>> >
    >>>>> > David
     
    Juan T. Llibre, Aug 20, 2007
    #11
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?QnJpYW4=?=
    Replies:
    1
    Views:
    477
    =?Utf-8?B?QnJpYW4=?=
    Dec 17, 2003
  2. Replies:
    7
    Views:
    695
    Juan T. Llibre
    Mar 23, 2007
  3. nilapenn
    Replies:
    3
    Views:
    686
    Joe Kaplan \(MVP - ADSI\)
    Feb 14, 2005
  4. Replies:
    4
    Views:
    675
    Paul Clement
    Sep 15, 2005
  5. Adhik
    Replies:
    1
    Views:
    255
    Manohar Kamath [MVP]
    Sep 5, 2003
Loading...

Share This Page