Impersonate NT user from Anonymous login

[ajamrozek]

I have an ASPX page that needs to display data from an Access DB that
resides on a network resource other than the running server. To access
the web page itself, I need IIS to have anonymous login set to true,
but to access the Access DB I need to pass an authenticated network
user. Not for the DB's sake but for the network directory that it
resides on.
Some more environment background: large company with tight server
control. I don't directly work for the IT dept., so I need to make
this as easy on IT as possible. Meaning, I can't do any server
configuration (IIS settings or machine.config) and can not store my
database on the server. Everything needs to be run from the .Net
project.
I've tried the following methods with no success:
1. <identity impersonate="true" userName="domain\Username"
password="password"/>
fails because this user is not setup on the machine running IIS and
I won't be able too.
2. set the User name and password in IIS anonymous access config to
the authenticated user. will not work because I will not be able to
edit these values in production.
3. attempted to use API's from MS's KB
failed because it uses tokens based on the current user, which
returned 0 for the token so the impersonation never executes.

thanks,
Alex Jamrozek

 

[Scott Allen]

Approach #1 is, in my opinion, going to be the easiest method going
forward. What type of error are you seeing in this case?

 

[ajamrozek]

For some reason it varies between
-System.Data.OleDb.OleDbException: Unspecified error
Or
-The Microsoft Jet database engine
cannot open the file '(unknown)'. It is already opened exclusively by
another user, or you need permission to view its data

 

[Shawn H. Mesiatowsky]

Can the IT department make the IIS server a Domain member? if it is a domain
member then you should be able to authenticate with user: domain\username

 

[ajamrozek]

There is a possiblity that the IIS server will be on the domain, but I
want to assume it won't be. I'm developing on a laptop that is not
part of the domain, which I think mimics the production environment.
The IIS server will more than likely not be part of the domain as the
Access DB network resource; same with the clients.

 

[Patrick Olurotimi Ige]

ajamrozek,
The error "System.Data.OleDb.OleDbException" look like its from
the application but "The Microsoft Jet database engine
cannot open the file '(unknown)'. It is already opened exclusively by
another user, or you need permission to view its data"

Seems someone else is using the file!
But do you have any NTFS permission created for the file?

 

[ajamrozek]

yeah i'm not worried so much about the oledbexception as i am about the
jet database err. I know what's causing it; to open a .mdb file a
..ldb file must be created in the same directory. To do this, the app
needs to be authenticated on the server. It has nothing to do with the
file being open or what permissions are applied to the file (though
those things would cause errors of their own also).

 

[Patrick Olurotimi Ige]

ajamrozek,
So you got it fixed!!

 

[ajamrozek]

lol, no. that last post was more of a further qualification of my
problem, in that, I know what the problem is, I just can't fix it yet.