M
Mandy
Hi,
I have a .NET web application (C#) which calls a command line tool (using
Process object). This tool in turn invokes another tool on another server by
passing that servers IP address as an argument, however, an errors occurs
when the tool on my machine tries to access the server. I have placed the
exact same code in a Windows application and a console application, and they
work fine, so I am under the impression I have a permissions/security problem.
I have tried to implement Kerberos delegation using Microsofts KB article
810572 (configure ASP.NET application for a delegation scenario) but with no
luck. On my machine I have set IE to have Enable Integrated Windows
Authentication to true, the EnableNegotiate in registry was already set to 1.
I have also only have 'Intergrated Windows authentication' option checked on
my IIS (5.0) for my web application directory and have impersonation set to
true in my web.config with authentication set to Windows.
In Active Directory I have set my computer to have 'Trust computer for
delegation' selected, as well as for the server thats needs to be accessed.
The user account on the server that I want to impersonate also has 'Account
is trusted for delegation' selected and 'Account is sensitve and cannot be
delegated' unselected, and this account is impersonated in my web.config.
Admittidly, I did get rather confused with this section so not sure if this
is all correct and I still I can't get my tool to run correctly.... ARGH!
If anyone has any suggestions or can see anything I have done wrong please
let me know, it will be more than appreciated!!
CHEERS!!
Mandy
I have a .NET web application (C#) which calls a command line tool (using
Process object). This tool in turn invokes another tool on another server by
passing that servers IP address as an argument, however, an errors occurs
when the tool on my machine tries to access the server. I have placed the
exact same code in a Windows application and a console application, and they
work fine, so I am under the impression I have a permissions/security problem.
I have tried to implement Kerberos delegation using Microsofts KB article
810572 (configure ASP.NET application for a delegation scenario) but with no
luck. On my machine I have set IE to have Enable Integrated Windows
Authentication to true, the EnableNegotiate in registry was already set to 1.
I have also only have 'Intergrated Windows authentication' option checked on
my IIS (5.0) for my web application directory and have impersonation set to
true in my web.config with authentication set to Windows.
In Active Directory I have set my computer to have 'Trust computer for
delegation' selected, as well as for the server thats needs to be accessed.
The user account on the server that I want to impersonate also has 'Account
is trusted for delegation' selected and 'Account is sensitve and cannot be
delegated' unselected, and this account is impersonated in my web.config.
Admittidly, I did get rather confused with this section so not sure if this
is all correct and I still I can't get my tool to run correctly.... ARGH!
If anyone has any suggestions or can see anything I have done wrong please
let me know, it will be more than appreciated!!
CHEERS!!
Mandy