I'm trying to access an access database on the file server from a web server
using asp.net and IIS 6.0. I can do it when I have anonymous access enabled
in IIS 6.0 as in the public internet web site style. I want to do the same
with the intranet setup where IIS 6.0 is not setup to allow anonymous access.
The way the intranet works is the user authenticates to the IIS 6.0 web
server through group membership in an active directory domain. The user who
accesses a web page and tries to load information from a database is unable
to even when the user has access to the database through the user's domain
account. When anonymous access is enable in IIS 6.0 the IUSR account is used
to access the database and that works. 7 1920
Here's a link about impersonation in asp.net. I'd start there if it'll fit
your needs: http://msdn2.microsoft.com/en-us/lib...18(VS.71).aspx
When you use the integrated authentication, you, unfortunately, cannot
daisychain that authentication to another host in the domain. There is no
kerberos ticket created with integrated authentication (as opposed to basic
authentication, for example, which will prompt your users to enter
credentials), and that is why you can't access a remote server in your code
in spite of the users' having rights to access the share and everything.
Ray at work
"kmccoskey" <km*******@disc ussions.microso ft.comwrote in message
news:EF******** *************** ***********@mic rosoft.com...
I'm trying to access an access database on the file server from a web
server
using asp.net and IIS 6.0. I can do it when I have anonymous access
enabled
in IIS 6.0 as in the public internet web site style. I want to do the
same
with the intranet setup where IIS 6.0 is not setup to allow anonymous
access.
The way the intranet works is the user authenticates to the IIS 6.0 web
server through group membership in an active directory domain. The user
who
accesses a web page and tries to load information from a database is
unable
to even when the user has access to the database through the user's domain
account. When anonymous access is enable in IIS 6.0 the IUSR account is
used
to access the database and that works.
so iis never invokes an account for login to another host if anonymous access
isn't used. does that sound right. my guess is that you could do this if
you had sql server on the other host is that rght?
"Ray Costanzo" wrote:
Here's a link about impersonation in asp.net. I'd start there if it'll fit
your needs: http://msdn2.microsoft.com/en-us/lib...18(VS.71).aspx
When you use the integrated authentication, you, unfortunately, cannot
daisychain that authentication to another host in the domain. There is no
kerberos ticket created with integrated authentication (as opposed to basic
authentication, for example, which will prompt your users to enter
credentials), and that is why you can't access a remote server in your code
in spite of the users' having rights to access the share and everything.
Ray at work
"kmccoskey" <km*******@disc ussions.microso ft.comwrote in message
news:EF******** *************** ***********@mic rosoft.com...
I'm trying to access an access database on the file server from a web
server
using asp.net and IIS 6.0. I can do it when I have anonymous access
enabled
in IIS 6.0 as in the public internet web site style. I want to do the
same
with the intranet setup where IIS 6.0 is not setup to allow anonymous
access.
The way the intranet works is the user authenticates to the IIS 6.0 web
server through group membership in an active directory domain. The user
who
accesses a web page and tries to load information from a database is
unable
to even when the user has access to the database through the user's domain
account. When anonymous access is enable in IIS 6.0 the IUSR account is
used
to access the database and that works.
accessing the file server from the asp.net with integrated authentication
just doesn't work? Is this correct?
"Ray Costanzo" wrote:
Here's a link about impersonation in asp.net. I'd start there if it'll fit
your needs: http://msdn2.microsoft.com/en-us/lib...18(VS.71).aspx
When you use the integrated authentication, you, unfortunately, cannot
daisychain that authentication to another host in the domain. There is no
kerberos ticket created with integrated authentication (as opposed to basic
authentication, for example, which will prompt your users to enter
credentials), and that is why you can't access a remote server in your code
in spite of the users' having rights to access the share and everything.
Ray at work
"kmccoskey" <km*******@disc ussions.microso ft.comwrote in message
news:EF******** *************** ***********@mic rosoft.com...
I'm trying to access an access database on the file server from a web
server
using asp.net and IIS 6.0. I can do it when I have anonymous access
enabled
in IIS 6.0 as in the public internet web site style. I want to do the
same
with the intranet setup where IIS 6.0 is not setup to allow anonymous
access.
The way the intranet works is the user authenticates to the IIS 6.0 web
server through group membership in an active directory domain. The user
who
accesses a web page and tries to load information from a database is
unable
to even when the user has access to the database through the user's domain
account. When anonymous access is enable in IIS 6.0 the IUSR account is
used
to access the database and that works.
I'm not sure internally what the other "host" sees when an authenticated
user tries to access it via the IIS server. I think that it still sees it
attempting to be the authenticated user and it makes a request for a
kerberos ticket, and since there is none, it denies access. But, this goes
beyond my scope of knowledge for sure!
Using SQL Server always comes with many benefits, but it's not always
realistic to use it.
You can try using the remote access driver for Access and see how that
goes...
"Provider=M S Remote; Remote Server=http://fileserverName; Remote
Provider=Micros oft.Jet.OLEDB.4 .0; Data Source=C:\Local Path\On\FileSer ver;"
It appears this would necessitate IIS being installed and running on the
remote server.
Ray at work
"kmccoskey" <km*******@disc ussions.microso ft.comwrote in message
news:6D******** *************** ***********@mic rosoft.com...
so iis never invokes an account for login to another host if anonymous
access
isn't used. does that sound right. my guess is that you could do this if
you had sql server on the other host is that rght?
"Ray Costanzo" wrote:
>Here's a link about impersonation in asp.net. I'd start there if it'll fit your needs: http://msdn2.microsoft.com/en-us/lib...18(VS.71).aspx
When you use the integrated authentication, you, unfortunately, cannot daisychain that authentication to another host in the domain. There is no kerberos ticket created with integrated authentication (as opposed to basic authentication , for example, which will prompt your users to enter credentials) , and that is why you can't access a remote server in your code in spite of the users' having rights to access the share and everything.
Ray at work
"kmccoskey" <km*******@disc ussions.microso ft.comwrote in message news:EF******* *************** ************@mi crosoft.com...
I'm trying to access an access database on the file server from a web
server
using asp.net and IIS 6.0. I can do it when I have anonymous access
enabled
in IIS 6.0 as in the public internet web site style. I want to do the
same
with the intranet setup where IIS 6.0 is not setup to allow anonymous
access.
The way the intranet works is the user authenticates to the IIS 6.0 web
server through group membership in an active directory domain. The
user
who
accesses a web page and tries to load information from a database is
unable
to even when the user has access to the database through the user's
domain
account. When anonymous access is enable in IIS 6.0 the IUSR account
is
used
to access the database and that works.
I wonder how microsoft proposes organization create intranet sites if you can
only have IIS access a remote host through anonymous authentication. I guess
that is a limitation.
"Ray Costanzo" wrote:
I'm not sure internally what the other "host" sees when an authenticated
user tries to access it via the IIS server. I think that it still sees it
attempting to be the authenticated user and it makes a request for a
kerberos ticket, and since there is none, it denies access. But, this goes
beyond my scope of knowledge for sure!
Using SQL Server always comes with many benefits, but it's not always
realistic to use it.
You can try using the remote access driver for Access and see how that
goes...
"Provider=M S Remote; Remote Server=http://fileserverName; Remote
Provider=Micros oft.Jet.OLEDB.4 .0; Data Source=C:\Local Path\On\FileSer ver;"
It appears this would necessitate IIS being installed and running on the
remote server.
Ray at work
"kmccoskey" <km*******@disc ussions.microso ft.comwrote in message
news:6D******** *************** ***********@mic rosoft.com...
so iis never invokes an account for login to another host if anonymous
access
isn't used. does that sound right. my guess is that you could do this if
you had sql server on the other host is that rght?
"Ray Costanzo" wrote:
Here's a link about impersonation in asp.net. I'd start there if it'll
fit
your needs: http://msdn2.microsoft.com/en-us/lib...18(VS.71).aspx
When you use the integrated authentication, you, unfortunately, cannot
daisychain that authentication to another host in the domain. There is
no
kerberos ticket created with integrated authentication (as opposed to
basic
authentication, for example, which will prompt your users to enter
credentials), and that is why you can't access a remote server in your
code
in spite of the users' having rights to access the share and everything.
Ray at work
"kmccoskey" <km*******@disc ussions.microso ft.comwrote in message
news:EF******** *************** ***********@mic rosoft.com...
I'm trying to access an access database on the file server from a web
server
using asp.net and IIS 6.0. I can do it when I have anonymous access
enabled
in IIS 6.0 as in the public internet web site style. I want to do the
same
with the intranet setup where IIS 6.0 is not setup to allow anonymous
access.
The way the intranet works is the user authenticates to the IIS 6.0 web
server through group membership in an active directory domain. The
user
who
accesses a web page and tries to load information from a database is
unable
to even when the user has access to the database through the user's
domain
account. When anonymous access is enable in IIS 6.0 the IUSR account
is
used
to access the database and that works.
The article allow
( http://msdn2.microsoft.com/en-us/lib...39(VS.71).aspx) gave me a
hint and I was able to connect the the database on the remot host from the
asp.net. I set identity impersonate to false in the web.config file. I had
to assign the domain Authenticated Users group to the permissions to the
database in order for it to work. I don't want to do that because that means
anyone who authenticates to the domain has access to that database. I want a
little more control then that. Any ideas?
"Ray Costanzo" wrote:
I'm not sure internally what the other "host" sees when an authenticated
user tries to access it via the IIS server. I think that it still sees it
attempting to be the authenticated user and it makes a request for a
kerberos ticket, and since there is none, it denies access. But, this goes
beyond my scope of knowledge for sure!
Using SQL Server always comes with many benefits, but it's not always
realistic to use it.
You can try using the remote access driver for Access and see how that
goes...
"Provider=M S Remote; Remote Server=http://fileserverName; Remote
Provider=Micros oft.Jet.OLEDB.4 .0; Data Source=C:\Local Path\On\FileSer ver;"
It appears this would necessitate IIS being installed and running on the
remote server.
Ray at work
"kmccoskey" <km*******@disc ussions.microso ft.comwrote in message
news:6D******** *************** ***********@mic rosoft.com...
so iis never invokes an account for login to another host if anonymous
access
isn't used. does that sound right. my guess is that you could do this if
you had sql server on the other host is that rght?
"Ray Costanzo" wrote:
Here's a link about impersonation in asp.net. I'd start there if it'll
fit
your needs: http://msdn2.microsoft.com/en-us/lib...18(VS.71).aspx
When you use the integrated authentication, you, unfortunately, cannot
daisychain that authentication to another host in the domain. There is
no
kerberos ticket created with integrated authentication (as opposed to
basic
authentication, for example, which will prompt your users to enter
credentials), and that is why you can't access a remote server in your
code
in spite of the users' having rights to access the share and everything.
Ray at work
"kmccoskey" <km*******@disc ussions.microso ft.comwrote in message
news:EF******** *************** ***********@mic rosoft.com...
I'm trying to access an access database on the file server from a web
server
using asp.net and IIS 6.0. I can do it when I have anonymous access
enabled
in IIS 6.0 as in the public internet web site style. I want to do the
same
with the intranet setup where IIS 6.0 is not setup to allow anonymous
access.
The way the intranet works is the user authenticates to the IIS 6.0 web
server through group membership in an active directory domain. The
user
who
accesses a web page and tries to load information from a database is
unable
to even when the user has access to the database through the user's
domain
account. When anonymous access is enable in IIS 6.0 the IUSR account
is
used
to access the database and that works.
Well Problem solved.
I got exectly what I wanted.
Here's how it worked
1) f:\contacts (folder with web app) has the following permissions setup
allow read and script access to a domain user or group and the local
iis_wpg group who is allowed access to the intranet page
a local asptest account added to the IIS_WPG group.
2) IIS not allowing anonymous
3) Application Pool running under a local account (asptest) and same local
account and password on file server
I was able to control the domain user account who desires access to the
website
and my local asptest account provides access to the database.
Finally.
"Ray Costanzo" wrote:
Here's a link about impersonation in asp.net. I'd start there if it'll fit
your needs: http://msdn2.microsoft.com/en-us/lib...18(VS.71).aspx
When you use the integrated authentication, you, unfortunately, cannot
daisychain that authentication to another host in the domain. There is no
kerberos ticket created with integrated authentication (as opposed to basic
authentication, for example, which will prompt your users to enter
credentials), and that is why you can't access a remote server in your code
in spite of the users' having rights to access the share and everything.
Ray at work
"kmccoskey" <km*******@disc ussions.microso ft.comwrote in message
news:EF******** *************** ***********@mic rosoft.com...
I'm trying to access an access database on the file server from a web
server
using asp.net and IIS 6.0. I can do it when I have anonymous access
enabled
in IIS 6.0 as in the public internet web site style. I want to do the
same
with the intranet setup where IIS 6.0 is not setup to allow anonymous
access.
The way the intranet works is the user authenticates to the IIS 6.0 web
server through group membership in an active directory domain. The user
who
accesses a web page and tries to load information from a database is
unable
to even when the user has access to the database through the user's domain
account. When anonymous access is enable in IIS 6.0 the IUSR account is
used
to access the database and that works.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Sam |
last post by:
Hello everyone,
I have around 20 reports in an ASP web-application which connects to a
SQL Server 2000 dB, executes stored procedures based on input
parameters and returns the data in a nice tabular format.
The data which is used in these reports actually originates from a 3rd
party accounting application called Exchequer. I have written a VB
application (I call it the extractor) which extracts data from
Exchequer and dumps the same...
|
by: dixie |
last post by:
What is the best way to implement a front end for an access database via a
web browser on a private intranet?
This is totally new ground for me. I want to allow users to enter
information into a database and get reports via the normal browser
interface.
How secure is this? If the browser has access to the access application, do
the users then have rights to that directory that would allow them to reach
the database itself?
|
by: contributions |
last post by:
I have an access database on our intranet which when a link is clicked
to open it the user is prompted with "Would you like to open the file
or save it to your computer?". I would like this option bypassed as
some users become confused at this stage!
Also, is there a way to set the database to open within the browser
(IE6) in the same way that Excel and Word do - I'd like it to feel more
integrated to the Intranet than opening in a new...
|
by: Erica Dunn |
last post by:
Hi all. I'm trying to launch a .adp file from my web page. The
application is residing on the intranet, and the .adp file would be
located on a shared drive that everyone would have rights to. Right
now when the user clicks the link, a download box opens that prompts
them to save or open the file. If they save it locally it works fine.
If they try to open it, an error is given, saying "The file is
located outside your intranet or on an...
|
by: TrinityPete |
last post by:
Hi all,
We have a web application that uses web services for data access and
retrieval. The web app and web services reside under IIS on the same
server(WIN2003). The virtual directories have been set for windows
authentication and both the ASP web application and the web services are
using windows authentication with impersonation of the logged on user. We
also set the web service credentials to CredentialCache.DefaultCredentials.
...
| |
by: Anns via AccessMonster.com |
last post by:
My establishment has about 20 ms access db's that will be converted over (see
subject).
When we pull all the BE's over to SQL and the FE's on Sharepoint (.net)
surely we don't have to change every user face, we should be able to use the
same FE in as before as now on Sharepoint?
ANSWER:
|
by: Stewart |
last post by:
Hi there,
I have an Access database, which contains the details of company staff
and services. The plan is to extract data from this database onto our
forthcoming Intranet (no inserting, updating or deleting at this
point). The Intranet itself has been created in ASP.NET, using
Microsoft Visual Web Developer 2005.
My concern is that we will encounter a slow response when pulling data
from this Access database across the network...
|
by: nihad.nasim |
last post by:
Hi there,
I have a database in Access that I need on the web. The web page
should connect to the database and write records for certain tables
and view records for others. I want to know a reliable way of
connecting Access to a server. I am willing to switch to any version
of Access which might solve the problem. Which server would you
recommend and what are the advanatages and disadvantatges of the
server you propose? Please also inlcude...
|
by: GNoter |
last post by:
Scenario:
I've a WebFarm with 2 web servers which are NLBs (network load balanced).
Web1 and Web2; they are not part of a domain.
I have a third server, Server3, which is part of a domain and on the same physical network, and it has an MSAccess database which is used on the external webfarm as well as on the internal intranet. I can connect via the intranet because the DB file is on the same box from which the intranet is being served...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |