Hi Nick,
From your description, you want to access some shared folder in the ASP.NET
application, however, due to the security protection, you need to do
impersonate, and currently encounter some problems with the impersonate,
correct?
Regarding on this issue, I'd like to confirm the following things:
** Are you in a domain environment, for both the ASP.NET server machine and
the remote share folder's machine
** How did you do the impersonate currrently. Are you impersonate the
ASP.NET client user account( through windows authentication) or use a fixed
account in web.config to do the impersonate?
Based on my experince, if the ASP.NET application need to access another
remote machine's protected resource(such as file share), impersontating
client user(who access the ASP.NET application) will not work due to double
hop limitation. You need to do impersonate with a clear text
username/password so as to establish a security token that can forward
across from ASP.NET server to remote share folder machine.
For the question that you want to only impersonate the context when
accessing a particular file share, I think you can consider do impersonate
programmatically. You can make impersonate call only in method where you
want to access remote share and undo it after finished.
#How To: Use Impersonation and Delegation in ASP.NET 2.0
http://msdn.microsoft.com/en-us/library/ms998351.aspx
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
(e-mail address removed).
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#noti f
ications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no
rights.