C
Chris Malone
I have a small ASP program that runs srvinfo.exe remotely on
whatever server you put into the form field. I'm utilizing the
aspexec.dll.
Here is the code:
<html>
<head><title>ASPExec Server Information (srvinfo) Realtime
Query</title><head>
<body>
<H3>ASPExec SrvInfo Realtime Query</H3>
<% if Request.QueryString("host") = "" then %>
<form action="/servers/aspping.asp" method=get>
Enter System Parameters in the form of "-ns \\servername" : <input
type=text size=45 name=host value="-ns \\wammonitor01">
<input type="Submit" VALUE="Submit form">
<input type="Reset" VALUE="Clear fields">
</form>
<%
else
Session.Timeout = 5
Set Executor = Server.CreateObject("ASPExec.Execute")
Executor.Application = "srvinfo.exe"
Executor.Parameters = Request.QueryString("host")
strResult = Executor.ExecuteDosApp
Response.Write "<pre>" & strResult & "</pre>"
end if
%>
</body>
</html>
The code runs fine - the problem is that srvinfo run against any
server besides the server that's running IIS (wammonitor01) will fail
with error 5 (access denied). I suspect that my code is running under
the context of the IWAM_computername account, although I have
Anonymous authentication unchecked for the properties of the site and
am using integrated Windows authentication. This tells me that IIS
should impersonate the credentials of the logged on user (me) which
has Domain Admin privileges. Unfortunately, in some form or another,
this doesnt appear to be happening.
I also tried playing with the IIS Out-of-process Pooled Applications
component and editing the "This application will run under the
following
context" field from "IWAM_computername" to the interactive user, but
then running the script bombs out with server errors.
There must be some way in which IIS can run an .exe that requires
certain privileges against remote servers.
Any help is greatly appreciated.
Thanks,
Chris Malone
Sr. Network Administrator
Westdale Asset Management
Email: (e-mail address removed)
whatever server you put into the form field. I'm utilizing the
aspexec.dll.
Here is the code:
<html>
<head><title>ASPExec Server Information (srvinfo) Realtime
Query</title><head>
<body>
<H3>ASPExec SrvInfo Realtime Query</H3>
<% if Request.QueryString("host") = "" then %>
<form action="/servers/aspping.asp" method=get>
Enter System Parameters in the form of "-ns \\servername" : <input
type=text size=45 name=host value="-ns \\wammonitor01">
<input type="Submit" VALUE="Submit form">
<input type="Reset" VALUE="Clear fields">
</form>
<%
else
Session.Timeout = 5
Set Executor = Server.CreateObject("ASPExec.Execute")
Executor.Application = "srvinfo.exe"
Executor.Parameters = Request.QueryString("host")
strResult = Executor.ExecuteDosApp
Response.Write "<pre>" & strResult & "</pre>"
end if
%>
</body>
</html>
The code runs fine - the problem is that srvinfo run against any
server besides the server that's running IIS (wammonitor01) will fail
with error 5 (access denied). I suspect that my code is running under
the context of the IWAM_computername account, although I have
Anonymous authentication unchecked for the properties of the site and
am using integrated Windows authentication. This tells me that IIS
should impersonate the credentials of the logged on user (me) which
has Domain Admin privileges. Unfortunately, in some form or another,
this doesnt appear to be happening.
I also tried playing with the IIS Out-of-process Pooled Applications
component and editing the "This application will run under the
following
context" field from "IWAM_computername" to the interactive user, but
then running the script bombs out with server errors.
There must be some way in which IIS can run an .exe that requires
certain privileges against remote servers.
Any help is greatly appreciated.
Thanks,
Chris Malone
Sr. Network Administrator
Westdale Asset Management
Email: (e-mail address removed)