identity impersonate

Discussion in 'ASP .Net' started by =?Utf-8?B?UGF1bA==?=, Jan 18, 2006.

  1. just wondering what could cause identity impersonate = true to not work on a
    server? It works on my development machine but when I try it on a server
    that has the framework installed it does not seem to work. the setup is
    client------>server (should use user password and name)---->webfile gets
    file listing from server 3. Server 3 is another server with a shared folder
    with the file listing I need to get.

    This seem to work where I have the client and Server2 on the same machine,
    my development machine. Just wondering if there are any ideas. thanks.
    --
    Paul G
    Software engineer.
    =?Utf-8?B?UGF1bA==?=, Jan 18, 2006
    #1
    1. Advertising

  2. Is the root problem that you can't access a file or database from the code?
    Have you confirmed that the server/Virtual Directory is using Basic or NTLM
    authentication? Otherwise, you'll be impersonating IUSR_ and that won't do
    you any good.

    --
    ----
    700cb Development, Inc.
    http://www.700cb.net
    ..NET utilities, developer tools,
    and enterprise solutions

    "=?Utf-8?B?UGF1bA==?=" <> wrote in
    news::

    > just wondering what could cause identity impersonate = true to not
    > work on a server? It works on my development machine but when I try
    > it on a server that has the framework installed it does not seem to
    > work. the setup is client------>server (should use user password and
    > name)---->webfile gets file listing from server 3. Server 3 is
    > another server with a shared folder with the file listing I need to
    > get.
    >
    > This seem to work where I have the client and Server2 on the same
    > machine, my development machine. Just wondering if there are any
    > ideas. thanks.
    cbDevelopment, Mar 13, 2006
    #2
    1. Advertising

  3. Hi thanks for the response. I ended up just moving the files over to the
    source machine but would still like to figure out what is going on. Just
    wondering how to confirm if the server/Virtual Directory is using Basic or
    NTLM authentication?
    Thanks, Paul.
    --
    Paul G



    "cbDevelopment" wrote:

    > Is the root problem that you can't access a file or database from the code?
    > Have you confirmed that the server/Virtual Directory is using Basic or NTLM
    > authentication? Otherwise, you'll be impersonating IUSR_ and that won't do
    > you any good.
    >
    > --
    > ----
    > 700cb Development, Inc.
    > http://www.700cb.net
    > ..NET utilities, developer tools,
    > and enterprise solutions
    >
    > "=?Utf-8?B?UGF1bA==?=" <> wrote in
    > news::
    >
    > > just wondering what could cause identity impersonate = true to not
    > > work on a server? It works on my development machine but when I try
    > > it on a server that has the framework installed it does not seem to
    > > work. the setup is client------>server (should use user password and
    > > name)---->webfile gets file listing from server 3. Server 3 is
    > > another server with a shared folder with the file listing I need to
    > > get.
    > >
    > > This seem to work where I have the client and Server2 on the same
    > > machine, my development machine. Just wondering if there are any
    > > ideas. thanks.

    >
    >
    =?Utf-8?B?UGF1bA==?=, Mar 13, 2006
    #3
  4. You would use the IIS manager. Get properties of the virtual directory (or
    server if you've set up a Web Site for the code). Go to Directory
    Security>Anonymous Access and Authentication Control>Edit and see which
    checkboxes are checked.

    That's only part of the problem. Let's say all three are enabled. The
    normal order is NTLM, Basic, Anonymous. So you would think that your users
    would be impersonated using their logins. But if the user does not have
    access to a file being requested (ASPX, GIF, CSS, whatever), IIS will fall
    back to Anonymous access for the request. Then you're impersonating IUSR
    again.

    So you need to make sure that the folder you've deployed to on the server
    has the proper permissions (that doesn't mean Everyone - Full Access,
    either). Make a user group, put the designated users in the group and
    assign the group to the application folder. Test by removing Anonymous
    access to the virtual directory/web site.

    Hope this helps.

    --
    ----
    700cb Development, Inc.
    http://www.700cb.net
    ..NET utilities, developer tools,
    and enterprise solutions

    =?Utf-8?B?UGF1bA==?= <> wrote in
    news:D:

    > Hi thanks for the response. I ended up just moving the files over to
    > the source machine but would still like to figure out what is going
    > on. Just wondering how to confirm if the server/Virtual Directory is
    > using Basic or NTLM authentication?
    > Thanks, Paul.
    cbDevelopment, Mar 14, 2006
    #4
  5. Ok thanks for the information. will impliment it when I get a chance.
    --
    Paul G
    Software engineer.


    "cbDevelopment" wrote:

    > You would use the IIS manager. Get properties of the virtual directory (or
    > server if you've set up a Web Site for the code). Go to Directory
    > Security>Anonymous Access and Authentication Control>Edit and see which
    > checkboxes are checked.
    >
    > That's only part of the problem. Let's say all three are enabled. The
    > normal order is NTLM, Basic, Anonymous. So you would think that your users
    > would be impersonated using their logins. But if the user does not have
    > access to a file being requested (ASPX, GIF, CSS, whatever), IIS will fall
    > back to Anonymous access for the request. Then you're impersonating IUSR
    > again.
    >
    > So you need to make sure that the folder you've deployed to on the server
    > has the proper permissions (that doesn't mean Everyone - Full Access,
    > either). Make a user group, put the designated users in the group and
    > assign the group to the application folder. Test by removing Anonymous
    > access to the virtual directory/web site.
    >
    > Hope this helps.
    >
    > --
    > ----
    > 700cb Development, Inc.
    > http://www.700cb.net
    > ..NET utilities, developer tools,
    > and enterprise solutions
    >
    > =?Utf-8?B?UGF1bA==?= <> wrote in
    > news:D:
    >
    > > Hi thanks for the response. I ended up just moving the files over to
    > > the source machine but would still like to figure out what is going
    > > on. Just wondering how to confirm if the server/Virtual Directory is
    > > using Basic or NTLM authentication?
    > > Thanks, Paul.

    >
    >
    >
    =?Utf-8?B?UGF1bA==?=, Mar 14, 2006
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Christian Binder

    <identity impersonate> and NETWORK ACCESS DB-HELP

    Christian Binder, Jul 25, 2003, in forum: ASP .Net
    Replies:
    0
    Views:
    451
    Christian Binder
    Jul 25, 2003
  2. William F. Robertson, Jr.

    identity impersonate for web applications

    William F. Robertson, Jr., Aug 29, 2003, in forum: ASP .Net
    Replies:
    0
    Views:
    414
    William F. Robertson, Jr.
    Aug 29, 2003
  3. Peter O'Reilly
    Replies:
    2
    Views:
    10,861
    Peter O'Reilly
    Nov 3, 2003
  4. Bill Belliveau

    DirectoryEntry Impersonate or WindowsIdentity Impersonate?

    Bill Belliveau, Jan 28, 2004, in forum: ASP .Net Security
    Replies:
    3
    Views:
    328
    Joe Kaplan \(MVP - ADSI\)
    Jan 31, 2004
  5. Popezilla
    Replies:
    2
    Views:
    908
    Popezilla
    Mar 18, 2007
Loading...

Share This Page