Impersonate domain user account from DMZ

[Shawn]

Hi.
I have a VB.NET application that retrieve files from a file-share on our
network. In the program I impersonate a user account on our domain that has
access to the file-share. This works fine inside the network, but when I
run the program from our DMZ zone I'm unable to impersonate. When I logon
to the server in DMZ I cannot use my domain account, I have to use a local
account. I'm guessing this is why I'm having trouble impersonating a user
on the domain. Is there something I can do to make the server able to
authenticate a user on my domain? A setting somewhere on the server or
maybe open a port in the firewall?

Any help is greatly appreciated.
Thanks
Shawn

 

[Ken Schaefer]

If you application has the username/password for the domain user, then it
can connect to a remote server passing those credentials as part of a
NTLM-based ('pass through') authentication process. Both servers need to
allow NTLM based authentication.

Cheers
Ken


: Hi.
: I have a VB.NET application that retrieve files from a file-share on our
: network. In the program I impersonate a user account on our domain that
has
: access to the file-share. This works fine inside the network, but when I
: run the program from our DMZ zone I'm unable to impersonate. When I logon
: to the server in DMZ I cannot use my domain account, I have to use a local
: account. I'm guessing this is why I'm having trouble impersonating a user
: on the domain. Is there something I can do to make the server able to
: authenticate a user on my domain? A setting somewhere on the server or
: maybe open a port in the firewall?
:
: Any help is greatly appreciated.
: Thanks
: Shawn
:
: