Server access to files on the LAN

Do some research on Impersonation for ASP.net.

Look at this part of your machine.config file on your webserver:

<!--
identity Attributes:
impersonate="[true|false]" - Impersonate Windows User
userName="Windows user account to impersonate" | empty string
implies impersonate the LOGON user specified by IIS
password="password of above specified account" | empty string
-->
<identity impersonate="false" userName="" password=""/>

Be careful...if ASP.NET run's as a user with elevated privildges, that could
cause some security concerns.

Michael
"Jerry J" <an*******@discussions.microsoft.com> wrote in message
news:00****************************@phx.gbl...

Hi,

My asp.net application must access a file that can be
anywhere on the server's LAN. I am having a problem
because the server, doesn't have access to files that are
not on the server's local disk. I have done similar
things using COM+ and COM dlls in older versions of asp.
I would have the file access code in a COM dll, run the
dll in COM+, and in COM+, enter a UN and PW that would
have LAN privilege that the COM object would execute on
behalf of. Currently, my file access code is in a dll
written in VB.NET. Is there a way I can give the dll
access to the LAN like I used to do in MTS/COM+? Should I
be handling it differently?

Any help would be appreciated.

Jerry J

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.556 / Virus Database: 348 - Release Date: 12/26/2003

Right... security is really up to you, and I would do more research rather
than blindly using a suggestion found here -- not because the suggestions
are invalid or wrong, but because we know little about your application and
who's using it.

Think about your application's users, functionality involved, and create a
security model before choosing how to best implement a solution here.

Check out the impersonation support in the web.config file -- but this will
affect every request to your asp app. Also check out IIS settings, and
think about turning off anonymous access and allow IIS to consume
authentication info on each web request -- tieing into domain
authentication.

--------------------------------------------------------------------
This reply is provided AS IS, without warranty (express or implied).
--------------------

Content-Class: urn:content-classes:message
From: "Jerry J" <an*******@discussions.microsoft.com>
Sender: "Jerry J" <an*******@discussions.microsoft.com>
Subject: Server access to files on the LAN
Date: Tue, 30 Dec 2003 09:48:50 -0800
Lines: 19
Message-ID: <00****************************@phx.gbl>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Thread-Index: AcPO/S7qNhGQDfu+S4q0gYPNbYUXYw==
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
Newsgroups: microsoft.public.dotnet.framework.aspnet
Path: cpmsftngxa07.phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:198909
NNTP-Posting-Host: tk2msftngxa11.phx.gbl 10.40.1.163
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
Hi,

My asp.net application must access a file that can be
anywhere on the server's LAN. I am having a problem
because the server, doesn't have access to files that are
not on the server's local disk. I have done similar
things using COM+ and COM dlls in older versions of asp.
I would have the file access code in a COM dll, run the
dll in COM+, and in COM+, enter a UN and PW that would
have LAN privilege that the COM object would execute on
behalf of. Currently, my file access code is in a dll
written in VB.NET. Is there a way I can give the dll
access to the LAN like I used to do in MTS/COM+? Should I
be handling it differently?

Any help would be appreciated.

Jerry J

Hi,
You can have a look on setting security policy for the dll
which needs the LAN privilege by using tools like Caspol.You set the
permissionSet as "LocalIntranet"
HTH


"Jerry J" <an*******@discussions.microsoft.com> wrote in message
news:00****************************@phx.gbl...

Hi,

My asp.net application must access a file that can be
anywhere on the server's LAN. I am having a problem
because the server, doesn't have access to files that are
not on the server's local disk. I have done similar
things using COM+ and COM dlls in older versions of asp.
I would have the file access code in a COM dll, run the
dll in COM+, and in COM+, enter a UN and PW that would
have LAN privilege that the COM object would execute on
behalf of. Currently, my file access code is in a dll
written in VB.NET. Is there a way I can give the dll
access to the LAN like I used to do in MTS/COM+? Should I
be handling it differently?

Any help would be appreciated.

Jerry J