Problem running ASP.NET 2.0 on Win2K domain controller

Discussion in 'ASP .Net' started by Rob Roberts, Feb 10, 2006.

  1. Rob Roberts

    Rob Roberts Guest

    I have developed an ASP.NET 2.0 application using localhost on my Windows XP
    workstation, and it all works fine there. I tried to copy it to my test web
    server, which is a domain controller running Windows 2000 Server SP4. I
    can't get it to work on the server. For testing, I created a simple aspx
    page with nothing on it except for a label. Even that simple page won't
    work on the server. This error message appears in the browser when I try to
    access the page:

    Either a required impersonation level was not provided, or the provided
    impersonation level is invalid. (Exception from HRESULT: 0x80070542)

    Here is the entire stack trace:

    COMException (0x80070542): Either a required impersonation level was not
    provided, or the provided impersonation level is invalid. (Exception from
    HRESULT: 0x80070542)]

    [FileLoadException: Could not load file or assembly
    'System.Web.RegularExpressions, Version=2.0.0.0, Culture=neutral,
    PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. Either a
    required impersonation level was not provided, or the provided impersonation
    level is invalid. (Exception from HRESULT: 0x80070542)]
    System.Web.Handlers.AssemblyResourceLoader..cctor() +0

    [TypeInitializationException: The type initializer for
    'System.Web.Handlers.AssemblyResourceLoader' threw an exception.]
    System.Web.Handlers.AssemblyResourceLoader.IsValidWebResourceRequest(HttpContext
    context) +0
    System.Web.Security.FormsAuthenticationModule.OnEnter(Object source,
    EventArgs eventArgs) +3396668
    System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
    +92
    System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&
    completedSynchronously) +64


    It appears that since this is a domain controller, the ASPUSER account is
    not created when the .NET framework is installed, and ASP.NET instead runs
    under the IWAM_MachineName account. After hours of searching, I found this
    Microsoft article: http://support.microsoft.com/?id=824308, with title "BUG:
    IWAM Account Is Not Granted the Impersonate Privilege for ASP.NET 1.1 on a
    Windows 2000 Domain Controller with SP4". It refers to ASP.NET 1.1 and not
    2.0, but it still seemed like I was on the right track. This article states
    that the fix is to give the IWAM user the "Impersonate a client after
    authentication" right. I tried this but it had no effect. I also tried
    granting the IWAM user "Act as part of the operating system" and "Log on as
    a service" rights. Even after that I still got the same error when trying
    to access the aspx page.

    I found this article:
    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/secnetht01.asp,
    which tells how to configure ASP.NET to run under a different account. This
    is done by adding a username and password to the <processModel> element in
    machine.config. I set up a test user with administrative rights and edited
    machine.config to cause ASP.NET to run under this administrator's account.
    With this, I finally was able to successfully access my aspx page. But this
    isn't an acceptable solution. I don't want to have an administrator's name
    and password contained in machine.config in clear text.

    It seems like there must be some way to get the IWAM_MachineName account to
    work, but I haven't been able to figure it out. What do I need to do to get
    ASP.NET 2.0 working right on a Windows 2000 domain controller?

    Thanks in advance,
    --Rob Roberts
    Rob Roberts, Feb 10, 2006
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. David C. Allen
    Replies:
    2
    Views:
    1,938
    bruce barker
    Mar 5, 2004
  2. Prophat
    Replies:
    0
    Views:
    410
    Prophat
    Oct 18, 2004
  3. =?Utf-8?B?VENEb2xwaGluLg==?=

    Webserver needs to be domain controller or just joind to domain?

    =?Utf-8?B?VENEb2xwaGluLg==?=, Sep 22, 2005, in forum: ASP .Net
    Replies:
    7
    Views:
    469
    =?Utf-8?B?VENEb2xwaGluLg==?=
    Sep 22, 2005
  4. Guest

    problem running ASP.NET on a domain controller

    Guest, Nov 6, 2003, in forum: ASP .Net Security
    Replies:
    0
    Views:
    113
    Guest
    Nov 6, 2003
  5. Rob Roberts

    Problem running ASP.NET 2.0 on Win2K domain controller

    Rob Roberts, Feb 10, 2006, in forum: ASP .Net Security
    Replies:
    16
    Views:
    453
    Rob Roberts
    Feb 16, 2006
Loading...

Share This Page