Impersonate domain user account from DMZ

Discussion in 'ASP .Net Security' started by Shawn, Oct 14, 2005.

  1. Shawn

    Shawn Guest

    Hi.
    I have a VB.NET application that retrieve files from a file-share on our
    network. In the program I impersonate a user account on our domain that has
    access to the file-share. This works fine inside the network, but when I
    run the program from our DMZ zone I'm unable to impersonate. When I logon
    to the server in DMZ I cannot use my domain account, I have to use a local
    account. I'm guessing this is why I'm having trouble impersonating a user
    on the domain. Is there something I can do to make the server able to
    authenticate a user on my domain? A setting somewhere on the server or
    maybe open a port in the firewall?

    Any help is greatly appreciated.
    Thanks
    Shawn
    Shawn, Oct 14, 2005
    #1
    1. Advertising

  2. Shawn

    Ken Schaefer Guest

    If you application has the username/password for the domain user, then it
    can connect to a remote server passing those credentials as part of a
    NTLM-based ('pass through') authentication process. Both servers need to
    allow NTLM based authentication.

    Cheers
    Ken


    "Shawn" <> wrote in message
    news:...
    : Hi.
    : I have a VB.NET application that retrieve files from a file-share on our
    : network. In the program I impersonate a user account on our domain that
    has
    : access to the file-share. This works fine inside the network, but when I
    : run the program from our DMZ zone I'm unable to impersonate. When I logon
    : to the server in DMZ I cannot use my domain account, I have to use a local
    : account. I'm guessing this is why I'm having trouble impersonating a user
    : on the domain. Is there something I can do to make the server able to
    : authenticate a user on my domain? A setting somewhere on the server or
    : maybe open a port in the firewall?
    :
    : Any help is greatly appreciated.
    : Thanks
    : Shawn
    :
    :
    Ken Schaefer, Oct 18, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Oleg Ogurok
    Replies:
    1
    Views:
    1,764
    bruce barker \(sqlwork.com\)
    May 30, 2006
  2. esource
    Replies:
    0
    Views:
    558
    esource
    Aug 9, 2007
  3. Arulraj Joseph

    cmd.exe should run in impersonate account.

    Arulraj Joseph, Nov 29, 2003, in forum: ASP .Net Security
    Replies:
    0
    Views:
    227
    Arulraj Joseph
    Nov 29, 2003
  4. Bill Belliveau

    DirectoryEntry Impersonate or WindowsIdentity Impersonate?

    Bill Belliveau, Jan 28, 2004, in forum: ASP .Net Security
    Replies:
    3
    Views:
    337
    Joe Kaplan \(MVP - ADSI\)
    Jan 31, 2004
  5. Darwinian

    forms authentication with domain account from DMZ?

    Darwinian, Nov 17, 2005, in forum: ASP .Net Security
    Replies:
    1
    Views:
    382
    Joe Kaplan \(MVP - ADSI\)
    Nov 17, 2005
Loading...

Share This Page