473,287 Members | 1,899 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,287 software developers and data experts.

Impersonating doesn't work on Win2003

fab
Hello,

i'm trying to browse a UNC share through an ASP.NET application and i've got
a problem :
i've tried some examples from MSDN or other web sites (using LogonUser from
Win32 API) and it works perfectly from my computer (windows XP) but it
doesn't work from a windows2003 server : i've got the famous error 1326 :
Logon failure: unknown user name or bad password. ERROR_LOGON_FAILUREis
there a special configuration for Win2003 ? i've tried to set ASPNET user
account "as part of the operating sysem" in local security policy but it
makes nothing...

thanks in advance.


May 15 '06 #1
5 2052
On Windows user account is "Network Service" and not ASPNET.
"fab" <aa*@aaaa.com> wrote in message
news:e4**********@s1.news.oleane.net...
Hello,

i'm trying to browse a UNC share through an ASP.NET application and i've
got a problem :
i've tried some examples from MSDN or other web sites (using LogonUser
from Win32 API) and it works perfectly from my computer (windows XP) but
it doesn't work from a windows2003 server : i've got the famous error 1326
:
Logon failure: unknown user name or bad password. ERROR_LOGON_FAILUREis
there a special configuration for Win2003 ? i've tried to set ASPNET user
account "as part of the operating sysem" in local security policy but it
makes nothing...

thanks in advance.

May 15 '06 #2
fab
i've also tried "Network Service" for the same result

"Winista" <na*********@hotmail.com> a écrit dans le message de news:
e7**************@TK2MSFTNGP05.phx.gbl...
On Windows user account is "Network Service" and not ASPNET.
"fab" <aa*@aaaa.com> wrote in message
news:e4**********@s1.news.oleane.net...
Hello,

i'm trying to browse a UNC share through an ASP.NET application and i've
got a problem :
i've tried some examples from MSDN or other web sites (using LogonUser
from Win32 API) and it works perfectly from my computer (windows XP) but
it doesn't work from a windows2003 server : i've got the famous error
1326 :
Logon failure: unknown user name or bad password. ERROR_LOGON_FAILUREis
there a special configuration for Win2003 ? i've tried to set ASPNET
user account "as part of the operating sysem" in local security policy
but it makes nothing...

thanks in advance.


May 15 '06 #3
For UNC path...

1. Make sure that you are impersonating as domain account who has rights on
the shares.
2. Make sure that web.config is modified to use impersonation.

Is file server same as web server?
Does your file server allow ASPNET/Network Service account to access the
share?

"fab" <aa*@aaaa.com> wrote in message
news:e4**********@s1.news.oleane.net...
i've also tried "Network Service" for the same result

"Winista" <na*********@hotmail.com> a écrit dans le message de news:
e7**************@TK2MSFTNGP05.phx.gbl...
On Windows user account is "Network Service" and not ASPNET.
"fab" <aa*@aaaa.com> wrote in message
news:e4**********@s1.news.oleane.net...
Hello,

i'm trying to browse a UNC share through an ASP.NET application and i've
got a problem :
i've tried some examples from MSDN or other web sites (using LogonUser
from Win32 API) and it works perfectly from my computer (windows XP) but
it doesn't work from a windows2003 server : i've got the famous error
1326 :
Logon failure: unknown user name or bad password. ERROR_LOGON_FAILUREis
there a special configuration for Win2003 ? i've tried to set ASPNET
user account "as part of the operating sysem" in local security policy
but it makes nothing...

thanks in advance.



May 15 '06 #4
fab
the domain account has rights on the share because when i try to browse the
share from windows explorer, it works.
I've put <identity impersonate="true" /> " in the web.config (if i set this
parameter to false, it works on my winxp config)

The file server is not the same as the web server.
How can i give the network service account of the web server (witch is a
local account on the web server i think) access to the file server ? I
thought i've to give access to the file sever's share only the account that
i impersonate ?

"Winista" <na*********@hotmail.com> a écrit dans le message de news:
ur**************@TK2MSFTNGP05.phx.gbl...
For UNC path...

1. Make sure that you are impersonating as domain account who has rights
on the shares.
2. Make sure that web.config is modified to use impersonation.

Is file server same as web server?
Does your file server allow ASPNET/Network Service account to access the
share?

"fab" <aa*@aaaa.com> wrote in message
news:e4**********@s1.news.oleane.net...
i've also tried "Network Service" for the same result

"Winista" <na*********@hotmail.com> a écrit dans le message de news:
e7**************@TK2MSFTNGP05.phx.gbl...
On Windows user account is "Network Service" and not ASPNET.
"fab" <aa*@aaaa.com> wrote in message
news:e4**********@s1.news.oleane.net...
Hello,

i'm trying to browse a UNC share through an ASP.NET application and
i've got a problem :
i've tried some examples from MSDN or other web sites (using LogonUser
from Win32 API) and it works perfectly from my computer (windows XP)
but it doesn't work from a windows2003 server : i've got the famous
error 1326 :
Logon failure: unknown user name or bad password. ERROR_LOGON_FAILUREis
there a special configuration for Win2003 ? i've tried to set ASPNET
user account "as part of the operating sysem" in local security policy
but it makes nothing...

thanks in advance.




May 16 '06 #5
For what it's worth, I just solved this problem within my own ASP.NET
application. Here's the code snippet I used to do it. The fix for me
was changing the LogonType to LOGON32_LOGON_INTERACTIVE (2) instead of
LOGON32_LOGON_NETWORK (3). Here's the code snippet that gets access to
my users...

bool bValidUser =
LogonUser("UNAME","DOMAIN","PASSWORD",(int)LOGON32 _LOGON_INTERACTIVE,(int)LOGON32_PROVIDER_DEFAULT,r ef
token);
System.Security.Principal.WindowsIdentity myWI2 = new
System.Security.Principal.WindowsIdentity(token);
System.Security.Principal.WindowsImpersonationCont ext myWIC2 =
myWI2.Impersonate();

string sDir = "\\\\UNCPATH";
string[] arFiles = System.IO.Directory.GetFiles(sDir);

Before switching the LogonType, my try block would catch the the
'access to UNCPATH is denied' error. I don't use web.config
impersonation, but I do use integrated windows authentication (just so
I'm sure only people on the domain are accessing the intranet app I'm
building). With this method, I don't think either web.config
impersonation or integrated win auth have any bearing on the results.

From
http://msdn.microsoft.com/library/de.../logonuser.asp
LOGON32_LOGON_INTERACTIVE This logon type is intended for users who
will be interactively using the computer, such as a user being logged
on by a terminal server, remote shell, or similar process. This logon
type has the additional expense of caching logon information for
disconnected operations; therefore, it is inappropriate for some
client/server applications, such as a mail server.
LOGON32_LOGON_NETWORK This logon type is intended for high performance
servers to authenticate plaintext passwords. The LogonUser function
does not cache credentials for this logon type.

I figured that maybe LOGON_NETWORK wasn't keeping the appropriate user
cached for my attempt to access the UNCPATH. I hope this helps you
out, yesterday was a pretty infuriating day trying to puzzle this out.

May 19 '06 #6

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

7
by: Niels Sloth | last post by:
Hi I have 9 asp-sites on a Win2003 server, and would like to use the same include file, but it does not work. The path for the servers default website (which is not where the problem is) is...
5
by: michaaal | last post by:
I am trying to run this code on a Windows 2003 Server. I have ASP enabled. Any idea why it doesn't work? <% newDB = "new.mdb" newDB = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & newDB...
0
by: Randy | last post by:
Hi all, I'm a developer on the database backend and need to figure out how to get a c++ .net executable to run on a win2003 server. The executable transfers data between oracla and sql server...
3
by: Daniel | last post by:
Is it possible to retain local file system read, write, delete access while impersonating for access to a remote drive in a different domain? I need to be able to move files from a local computer...
3
by: George Ter-Saakov | last post by:
I have an application i wrote on Win2k and everything is working. When i moved it to the Host one button stopped working. I am lost. I do not know what can be wrong. Here is the url...
4
by: Adrian Parker | last post by:
I have a web app that has one problem when deployed on win2003 but works fine on win2k. On a page, I have a button that causes a reload of the page with a different set of querystring values (to...
2
by: Don Rich | last post by:
Please share with me any ideas you may have for troubleshooting and resolving the subject problem. I can give more details as necessary. (Please advise if I should post this problem to a more...
11
by: JCav | last post by:
I need to call a COM object from a remote machine using C#. I also need to pass on a different userID and password to the call. Has anyone done this? I've used Java to do this using JIntegra, but...
1
by: =?Utf-8?B?c3VidGlsZQ==?= | last post by:
Hi :-) I'm having some trouble with LDAP and Active Directory on Win2k3 I use Windows Authentication and the code System.Threading.Thread.CurrentPrincipal.Identity.Name gives me the correct...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Aftab Ahmad | last post by:
Hello Experts! I have written a code in MS Access for a cmd called "WhatsApp Message" to open WhatsApp using that very code but the problem is that it gives a popup message everytime I clicked on...
0
by: Aftab Ahmad | last post by:
So, I have written a code for a cmd called "Send WhatsApp Message" to open and send WhatsApp messaage. The code is given below. Dim IE As Object Set IE =...
0
by: marcoviolo | last post by:
Dear all, I would like to implement on my worksheet an vlookup dynamic , that consider a change of pivot excel via win32com, from an external excel (without open it) and save the new file into a...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.