impersonate problem

Discussion in 'ASP .Net Security' started by AJang, Sep 7, 2005.

  1. AJang

    AJang Guest

    Scenario:
    1. IIS anonymous authentication turnned on
    2. Web.config contained:
    <authentication mode="Windows" />
    <identity impersonate="true" userName="localuser" password="real
    password" />
    3. In Web application form , guest fill data and updated to backend
    database, whcich is an mdb file.

    Every thing is ok when "localuser" is in Administrators group.
    For minimum privileges principle, I change "localuser" to "Power users"
    group, the web application encounter error with following stack:
    ===================================
    [OleDbException (0x80004005): 無法指出的錯誤]
    System.Data.OleDb.OleDbConnection.ProcessResults(Int32 hr) +20
    System.Data.OleDb.OleDbConnection.InitializeProvider() +57
    System.Data.OleDb.OleDbConnection.Open() +203
    System.Data.Common.DbDataAdapter.QuietOpen(IDbConnection connection,
    ConnectionState& originalState) +44
    System.Data.Common.DbDataAdapter.FillFromCommand(Object data, Int32
    startRecord, Int32 maxRecords, String srcTable, IDbCommand command,
    CommandBehavior behavior) +304
    System.Data.Common.DbDataAdapter.Fill(DataSet dataSet, Int32 startRecord,
    Int32 maxRecords, String srcTable, IDbCommand command, CommandBehavior
    behavior) +77
    System.Data.Common.DbDataAdapter.Fill(DataSet dataSet) +38
    WebSec.WebForm1.Page_Load(Object sender, EventArgs e) in
    c:\inetpub\wwwroot\websec\webform1.aspx.cs:35
    System.Web.UI.Control.OnLoad(EventArgs e) +67
    System.Web.UI.Control.LoadRecursive() +35
    System.Web.UI.Page.ProcessRequestMain() +750
    ==================================

    I think that is a kind of "not enough permission", but how to fix it.

    thanks.

    Ajang
    AJang, Sep 7, 2005
    #1
    1. Advertising

  2. Hello AJang,

    have you checked if "localuser" has the needed NTFS Acls ??

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Scenario:
    > 1. IIS anonymous authentication turnned on
    > 2. Web.config contained:
    > <authentication mode="Windows" />
    > <identity impersonate="true" userName="localuser"
    > password="real
    > password" />
    > 3. In Web application form , guest fill data and updated to backend
    > database, whcich is an mdb file.
    > Every thing is ok when "localuser" is in Administrators group.
    > For minimum privileges principle, I change "localuser" to "Power
    > users"
    > group, the web application encounter error with following stack:
    > ===================================
    > [OleDbException (0x80004005): ???????]
    > System.Data.OleDb.OleDbConnection.ProcessResults(Int32 hr) +20
    > System.Data.OleDb.OleDbConnection.InitializeProvider() +57
    > System.Data.OleDb.OleDbConnection.Open() +203
    > System.Data.Common.DbDataAdapter.QuietOpen(IDbConnection
    > connection,
    > ConnectionState& originalState) +44
    > System.Data.Common.DbDataAdapter.FillFromCommand(Object data, Int32
    > startRecord, Int32 maxRecords, String srcTable, IDbCommand command,
    > CommandBehavior behavior) +304
    > System.Data.Common.DbDataAdapter.Fill(DataSet dataSet, Int32
    > startRecord,
    > Int32 maxRecords, String srcTable, IDbCommand command, CommandBehavior
    > behavior) +77
    > System.Data.Common.DbDataAdapter.Fill(DataSet dataSet) +38
    > WebSec.WebForm1.Page_Load(Object sender, EventArgs e) in
    > c:\inetpub\wwwroot\websec\webform1.aspx.cs:35
    > System.Web.UI.Control.OnLoad(EventArgs e) +67
    > System.Web.UI.Control.LoadRecursive() +35
    > System.Web.UI.Page.ProcessRequestMain() +750
    > ==================================
    > I think that is a kind of "not enough permission", but how to fix it.
    >
    > thanks.
    >
    > Ajang
    >
    Dominick Baier [DevelopMentor], Sep 7, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Peter O'Reilly
    Replies:
    2
    Views:
    10,883
    Peter O'Reilly
    Nov 3, 2003
  2. Aras Kucinskas

    ASP.NET Webservice Impersonate problem

    Aras Kucinskas, Aug 31, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    2,019
    Aras Kucinskas
    Aug 31, 2004
  3. Yoshitha

    Problem with impersonate

    Yoshitha, Jul 1, 2005, in forum: ASP .Net
    Replies:
    0
    Views:
    394
    Yoshitha
    Jul 1, 2005
  4. =?Utf-8?B?QmFsYQ==?=

    Impersonate problem

    =?Utf-8?B?QmFsYQ==?=, Nov 2, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    3,327
    =?Utf-8?B?QmFsYQ==?=
    Nov 3, 2005
  5. Bill Belliveau

    DirectoryEntry Impersonate or WindowsIdentity Impersonate?

    Bill Belliveau, Jan 28, 2004, in forum: ASP .Net Security
    Replies:
    3
    Views:
    343
    Joe Kaplan \(MVP - ADSI\)
    Jan 31, 2004
Loading...

Share This Page