|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
IIS 6 Impersonate failed for ASPWe have a Windows 2000 SP4 machine recently upgrade to Windows 2003 and then
SP1. After that, we rename the machine and we got impersonate problem. We are running IIS 5 Isolation Mode on the Web Server. For all virtual directories, we set the anonymous user to a domain account which is the administrator of the local machine and also has access to network resource. We are sure about this. We found that the ASP.Net page can't access the network resource even after we add the line <identity impersonate="true" />, however, if we change the line to <identity impersonate="true" userName="<domain account>" password = "<password>" /> with the same domain account used in anonymous user, the page work again!!! We can use this to bypass the problem for ASP.Net but we also have the same problem in ASP and we really don't know how to fix it. Any help and comment are welcome. It seems that IIS no longer has the password for the domain account in
question. Reset the password for the domain account in AD Users and Computers. Ensure the password is set to not expire. In IIS Manager on the webserver, enter the password again. Restart World Wide Web Publishing Service. Cheers Ken Show quoteHide quote "Gavin Chan" <GavinC***@discussions.microsoft.com> wrote in message news:0505AFD3-9CFC-474C-B206-1324404CA3D0@microsoft.com... : We have a Windows 2000 SP4 machine recently upgrade to Windows 2003 and then : SP1. After that, we rename the machine and we got impersonate problem. We are : running IIS 5 Isolation Mode on the Web Server. For all virtual directories, : we set the anonymous user to a domain account which is the administrator of : the local machine and also has access to network resource. We are sure about : this. : : We found that the ASP.Net page can't access the network resource even after : we add the line <identity impersonate="true" />, however, if we change the : line to <identity impersonate="true" userName="<domain account>" password = : "<password>" /> with the same domain account used in anonymous user, the page : work again!!! We can use this to bypass the problem for ASP.Net but we also : have the same problem in ASP and we really don't know how to fix it. : : Any help and comment are welcome. Thank you very much for your kind response.
However, we did try using another domain account but still not working. We have a couple of virtual directories that use the same domain account and I only try this with one Virtual Directory, should I change all of them? I'll try reset the password later. Regards, Gavin Show quoteHide quote "Ken Schaefer" wrote: > It seems that IIS no longer has the password for the domain account in > question. > > Reset the password for the domain account in AD Users and Computers. Ensure > the password is set to not expire. > In IIS Manager on the webserver, enter the password again. > Restart World Wide Web Publishing Service. > > Cheers > Ken > > -- > Blog: www.adopenstatic.com/cs/blogs/ken/ > Web: www.adopenstatic.com > > > "Gavin Chan" <GavinC***@discussions.microsoft.com> wrote in message > news:0505AFD3-9CFC-474C-B206-1324404CA3D0@microsoft.com... > : We have a Windows 2000 SP4 machine recently upgrade to Windows 2003 and > then > : SP1. After that, we rename the machine and we got impersonate problem. We > are > : running IIS 5 Isolation Mode on the Web Server. For all virtual > directories, > : we set the anonymous user to a domain account which is the administrator > of > : the local machine and also has access to network resource. We are sure > about > : this. > : > : We found that the ASP.Net page can't access the network resource even > after > : we add the line <identity impersonate="true" />, however, if we change the > : line to <identity impersonate="true" userName="<domain account>" password > = > : "<password>" /> with the same domain account used in anonymous user, the > page > : work again!!! We can use this to bypass the problem for ASP.Net but we > also > : have the same problem in ASP and we really don't know how to fix it. > : > : Any help and comment are welcome. > > >  
Other interesting topics
Problems with authenticated users accessing asp's
How to "allow IIS to control anonymous user password"? IIS 6 Anonymous / SUS always 401.3 Windows 2003 Server and IIS 6.0: Domain users can't access my web site :( Script to distinguish between Certificate Authorities (ex. Verisign, Thawte) SSL Authentication problem Win2003/IIS 6 HTTP 400 Error IIS Install RemoveServerHeader in IIS6 Debug Diagnostics Beta - Release Candidate 1 |
|||||||||||||||||||||||
