Impersonation failure with Index Server and Forms Authentication with Active Directory

Hello,

Thanks very much for your post. It benefits the whole group very much.

It seems that this problem likes the one mentioned in:
"FIX: "Access Is Denied" Error Message When You Try to Access Indexing Service from ASP.NET with Impersonation
Enabled"
http://support.microsoft.com/?id=323293

The workaround is also the same.

Best regards,
Yanhong Huang
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
!From: cr******@heery.com (techfuzz)
!Newsgroups: microsoft.public.dotnet.framework.aspnet
!Subject: Impersonation failure with Index Server and Forms Authentication with Active Directory
!Date: 8 Aug 2003 10:21:00 -0700
!Organization: http://groups.google.com/
!Lines: 55
!Message-ID: <63**************************@posting.google.com >
!NNTP-Posting-Host: 67.96.192.158
!Content-Type: text/plain; charset=ISO-8859-1
!Content-Transfer-Encoding: 8bit
!X-Trace: posting.google.com 1060363261 9983 127.0.0.1 (8 Aug 2003 17:21:01 GMT)
!X-Complaints-To: gr**********@google.com
!NNTP-Posting-Date: 8 Aug 2003 17:21:01 GMT
!Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed 00.sul.t-online.de!t-online.de!news-spur1.maxwell.syr.edu!
news.maxwell.syr.edu!sn-xit-03!sn-xit-01!sn-xit-05!sn-xit-09!supernews.com!postnews1.google.com!not-for-mail
!Xref: cpmsftngxa06.phx.gbl microsoft.public.dotnet.framework.aspnet:166191
!X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
!
!I'm posting my problem experience and solution I found here for other
!ASP.NET developers.
!
!I have a web application that uses Forms Authentication with Active
!Directory to control access. In this web application, I have search
!page that utilizes the Windows Indexing Service (MSIDXS provider).
!For reasons I'm not aware of at this time, setting <identity
!impersonation="true" /> in the web.config causes an error whenever you
!try to search.
!
!This is the error message: HttpException (0x80004005): Impersonation
!failure.
!
!The only information I was able to find was another thread in the
!microsoft.public.inetserver.indexserver newsgroup titled
!"Impersonation Discoveries with .NET Framework" which steered me in
!the right direction. SteveC, the owner of the other thread, said he
!was able to fix the search by setting the impersonation to false but
!other things broke probably because of his authentication method and
!not being able to read the file ACL's.
!
!Mine solution is a little different from his, I kept the overall
!application's identity impersonation set to true as was originally how
!I was configured, but then set the impersonation to false only for my
!search.aspx page. Here's a snippet of my web.config for you with
!commented notes.
!
!<?xml version="1.0" encoding="utf-8" ?>
!<configuration>
!
!<!-- I added this location node -->
! <location allowOverride="true" />
!<!-- End location node -->
!
! <system.web>
! <authentication mode="Forms">
! <forms loginUrl="logon.aspx" name="adAuthCookie" timeout="60"
!path="/" >
! </forms>
! </authentication>
!
!<!-- I left this impersonate alone -->
! <identity impersonate="true" />
!
! </system.web>
!
!<!-- I added this location node -->
! <location path="search.aspx">
! <system.web>
! <identity impersonate="false" />
! </system.web>
! </location>
!<!-- End location node -->
!
!</configuration>
!