D
Dwight Johnson
We had a situation where impersonation was working on our test
intranet site, but failing on our production site. The application
uses integrated Windows authentication, and gets the currently logged
in user using the WindowsIdentity class. The web.config had
impersonate set to true. Everything seemed to be set up correctly, but
it was not working.
Apparently there were two things that needed to be done to get it to
work:
1) install SP2 and all subsequent updates for Windows 2003 Server on
that server, and
2) check the "Trust computer for delegation" setting on the Properties
window in Active Directory for that server.
Once these things had been done, the impersonation worked as
advertised.
I had looked for a solution to this problem, but had not seen this
particular set of circumstances mentioned anywhere.
intranet site, but failing on our production site. The application
uses integrated Windows authentication, and gets the currently logged
in user using the WindowsIdentity class. The web.config had
impersonate set to true. Everything seemed to be set up correctly, but
it was not working.
Apparently there were two things that needed to be done to get it to
work:
1) install SP2 and all subsequent updates for Windows 2003 Server on
that server, and
2) check the "Trust computer for delegation" setting on the Properties
window in Active Directory for that server.
Once these things had been done, the impersonation worked as
advertised.
I had looked for a solution to this problem, but had not seen this
particular set of circumstances mentioned anywhere.