Hi Saracen,
Thanks for your posting. From your description, you have a db file on a
remote machine which is exposed as a UNC shared, and you will access this
file in your asp.net application on another server. But you found the
accessing will faild unless you impersonate the asp.net under a DOMAIN
account, yes?
As for this problem, it's a normal security issue when acessing remote
resource in asp.net. When accessing a remote resource we need to let the
asp.net run under a certain account which is valid to the remote machine(
recognizable). What's your asp.net server's version? WIN2K (XP) OR
WIN2003? If it's a 2003 version, since the asp.net's default process
identity is NT AUTHORITY\NETWORKSERVICE which represent the server's domain
machine account (like domainName\machineName$) , so you can just grant the
access permission of the UNC shared folder (on the remote machine) to the
asp.net server's domainMachine account( domainName\machineName$).
If the asp.net server is not 2003, the default process account is a local
account named MACHINE\ASPNET which is not remotable so that the remote
access will fail. To workaround this , one means is just what you've
tried------- use a domain account to run(impersonate) the asp.net
application.
If you don't want to use domain account, you can also create two duplicated
local account(have the same username password) on both the two machines.
Then, let the asp.net run under that local account , when accessing the
remote machine, this account can be valid to the remote machine.
If there is anything unclear, please feel free to post here.
Thanks.
Regards,
Steven Cheng
Microsoft Online Support
Get Secure!
www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
