469,336 Members | 5,552 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,336 developers. It's quick & easy.

Access a remote MSMQ Server from and ASP page (Q173339)

In reference to Q173339, this code works fine if accessing a local queue on the same Server as the IIS is running, but fails if accessing a remote queue

I have provided credentials via Anonymous Logon, and this then works with the Administrator logon, but with no other credentials. The remote queue has "Everyone" and "ANONYMOUS LOGON" with all access priviliges. Both Servers are running Windows 2003 and MSMQ 3.

Code Follow

<
set qInfo = Server.CreateObject ("MSMQ.MSMQQueueInfo")
qInfo.FormatName = "direct=TCP:192.168.1.104\PRIVATE$\testq
Set qQueue = qInfo.Open(32, 0
Set qMessage = qQueue.PeekCurren
If Not qMessage Is Nothing The
Response.Write qMessage.LookupI
End I
%

Cheer

Bryce
Jul 19 '05 #1
6 5767
Hi Bryce,

Thank you for using the community.

I am not very clear about "this then works with the Administrator logon,
but with no other credentials.". With Anonymous access, ASP application
will use the acocunt "IUser_ComputerName" to access the queue. Instead of
"IUser_ComputerName" , I suggest you may try to use a domain user account
which also be a local administrator. Domain user has permission to access
resource on network and administrator has permission to use local file and
protocol.

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Jul 19 '05 #2
Thanks Luke ... I appretiate the quick respons

Sorry I ment "Basic Authentication". I am not running a domain. I have tried changing the local security policy, but with no luck

What I am actually trying to do, is receive some data posted to an ASP page and place it on an MSMQ. The IIS Server will be running in a DMZ, and the MSMQ on an Internal Server. I have tried overriding the login credentials with the ImpersonateLoggedOnUser in a called COM component (using Administrator) just for the MSMQ access, but this doesn't appear to work either

Cheer

Bryc

Jul 19 '05 #3
Hi Bryce,

What is the error message and number your ASP application generated?

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Jul 19 '05 #4
Hi Bryce,

Even you have set "ANONYMOUS LOGON" with all access priviliges, the access
to MSMQ will still failed due to WIndows NT ACL. The anonymous user may not
have enough permission to open files on the server. The proper solution is
build your system in a Windows domain environment and use a domain user
with permission on both of the servers. Another possible solution is mirror
account: create an account on the two server with same name and password,
and then use this account to access MSMQ. You may try this to see if it
will work.

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Jul 19 '05 #5
Hi Luk

I appretiate you comments. I have tried mirroring the credentials between the servers to no avail. Interstingly enough if I make my test logon (testq) a member of the Administrators group on the IIS Server, and look at the Audit Log on the MSMQ Server the access is shown as being "Administrator" even though I logged on to the IIS Server as testq (this allows access

If I run a standalone windows application on the IIS Server it happily accesses the MSMQ Server. This leads me to beleive that this is a restriction that IIS Logon is imposing on the client

Unfortunately, setting up a domain environment is not a very palatable option

Cheer

Bryce
Jul 19 '05 #6
Hi Bryce,

Since the Windows application can access the MSMQ, I also agee with your
speculation. You may try to enable anonymous access for the ASP appliaction
(virtual folder). Instead of "IUSE_ComputerName", you can use your current
logon account for anonymous access. will this help?

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Jul 19 '05 #7

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

4 posts views Thread by Rene' Nielsen | last post: by
3 posts views Thread by Lyle Fairfield | last post: by
7 posts views Thread by =?Utf-8?B?a21jY29za2V5?= | last post: by
1 post views Thread by CARIGAR | last post: by
reply views Thread by zhoujie | last post: by
1 post views Thread by Marylou17 | last post: by
1 post views Thread by Marylou17 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.