Windows authentication with impersonation - network resource access fails

srivalli chavali via DotNetMonster.com

Hi,

I have a question regd. Windows authentication and network file access.
My asp.net application doesn't use any of the .NET's authentication schemes
(Forms, Windows or Passport) yet.
I have a login page where the users would supply their credentials and the
business logic compares these

credentials against SQLServer database and allows/denies access to the
website.
So far so good.

But now, my application needs to access some files located on the Domain
network.
The first thing that came in my mind is Impersonation.

I did change my web.config file to use Windows authentication as follows...

<authenticati on mode="Windows" />

<authorizatio n>
<allow users="*" />
</authorization>

<identity impersonate="tr ue"
userName="domai nName\loginID"
password="passw ord"
/>

This "domainName\log inID" account HAS full rights over the network resource.

Now I have UNCHECKED Allow Anonymous Access in IIS.

But I still cannot access the file on the network.

It errors out at the Response.Redire ct
("//networkPath/folder1/subFolder1/fileName");
as Page cannot be displayed.

I have checked the User.Identity.N ame and it looks correct (domainName\
loginID)
Even the User.Identity.A uthenticationTy pe is good (NTLM)

I'm surely missing something critical.

Any help in this regards is greatly appreciated.

Thanks in advance,
Srivalli.

--
Message posted via http://www.dotnetmonster.com

Nov 16 '05 #1

Subscribe Reply

8035

Ignacio Machin \( .NET/ C# MVP \)

Hi,

Two things.
1- When you run a process as a service you need to use the UNC , like
\\servername\pa th to access it
2- BY default (and I dont know if you can change this) you cannot access any
path outside the web tree, this is for security reasons so you could not
traverse the hdd.
Cheers,

--
Ignacio Machin,
ignacio.machin AT dot.state.fl.us
Florida Department Of Transportation
"srivalli chavali via DotNetMonster.c om" <fo***@DotNetMo nster.com> wrote in
message news:67******** *************** *******@DotNetM onster.com...

Hi,

I have a question regd. Windows authentication and network file access.
My asp.net application doesn't use any of the .NET's authentication
schemes
(Forms, Windows or Passport) yet.
I have a login page where the users would supply their credentials and the
business logic compares these

credentials against SQLServer database and allows/denies access to the
website.
So far so good.

But now, my application needs to access some files located on the Domain
network.
The first thing that came in my mind is Impersonation.

I did change my web.config file to use Windows authentication as
follows...

<authenticati on mode="Windows" />

<authorizatio n>
<allow users="*" />
</authorization>

<identity impersonate="tr ue"
userName="domai nName\loginID"
password="passw ord"
/>

This "domainName\log inID" account HAS full rights over the network
resource.

Now I have UNCHECKED Allow Anonymous Access in IIS.

But I still cannot access the file on the network.

It errors out at the Response.Redire ct
("//networkPath/folder1/subFolder1/fileName");
as Page cannot be displayed.

I have checked the User.Identity.N ame and it looks correct (domainName\
loginID)
Even the User.Identity.A uthenticationTy pe is good (NTLM)

I'm surely missing something critical.

Any help in this regards is greatly appreciated.

Thanks in advance,
Srivalli.

--
Message posted via http://www.dotnetmonster.com

Nov 16 '05 #2

Similar topics

84603

C# SQL connection string (Windows authentication)???

by: Maziar Aflatoun | last post by:

Hi guys, I'm using Windows authentication to connect to SQL Server 2000. On my computer the connection is fine. Now if I move it to a remote server, how to I hard code my Username/Password in my connection string (using Windows NT authentication and not SQL Server authentication)? Thank you Maz.

C# / C Sharp

5683

network (drive) access/impersonate identity problem

by: Peter O'Reilly | last post by:

I am experiencing difficulty access a mapped network drive in an ASP.NET application. While using the .Net framework v 1.1 implementation of System.IO.Directory.Exists(), it fails to recognize a mapped network drive. This is true if the path specified uses a mapped drive letter or is expressed as a UNC address. I have also tried the drive letter and UNC paths with and without trailing backslashes, respectively.

ASP.NET

2633

Windows Credentialing Security Problem

by: Joseph Geretz | last post by:

I'm having a credentialing problem in my web application. Actually, I don't think this is an IIS security issue, since I'm able to access the page I'm requesting. However, the executing page itself is not able to access a specific network resource and I just can't figure out why. First of all, let me say this worked fine with IIS running on Win2000 Server. This has not worked since I upgraded to Windows Server 2003. My Platform: Windows...

ASP.NET

2701

Remote control of windows service with windows 2003 server

by: pberna | last post by:

Dear all, I built a Web Form application to start and stop a Windows Service remotely. I successful tested the application on Windows 2000 server + IIS. I must include the ASPNET user to the Administration group (on server side) to have the necessary authorization to start a Windows Service (I don't understand why "Power User" rights are not enough to do the same thing) Although I'm able to start a service using windows 2000 server...

ASP.NET

3438

Windows authentication from ASP.NET to SQL Server

by: Nils Magnus Englund | last post by:

Hello, I am having trouble using Integrated Windows Authentication between our intranet server and our database server, both of which are on our local domain. Windows authentication works for our intranet server - my domain user "DOM\nme" is correctly authenticated and authorized to view the ASP.NET page on our intranet. The ASP.NET application uses impersonation (<identity impersonate="true"> in Web.config).

ASP.NET

870

Problems with authentication/impersonation

by: andrew_webby at hotmail | last post by:

Hi Am having a problem with an app I wrote to test patch delivery. I contact a remote PC, and get it to run a patch which is installed on a server. It works fine if I use psexec for example and I know it's not NTFS/share-level security at fault - it's readable to everyone which is usually enough for scheduler or any other usually-not-network-user to reach it. I've checked my credentials in my remote session and it says it's

Visual Basic .NET

1774

Integrated Windows Authentication

by: thomson | last post by:

Hi All, If i log into my windows machine, Iam already authenticated against the AD, Inorder to identify the Groups, Do i need to check the Active Directory once again, or Windows Principal.IsInrole is sufficient. All the developers are using logon to a particular domain and doing the work, IF i access one of my developers machine , through my machine , which credentials it take ,will it take mine or

ASP.NET

12587

Vista IIS7 write access denied only with windows authentication

by: DotNetDanny | last post by:

Hello Machine: Windows Vista Business, standalone machine (no domain). Installed an old classic ASP webapplication in IIS7, running under a new app.pool with 'NETWORK SERVICE' account (using existing app.pool gives same results). This webapplication tries to write to a log file. Used Process Monitor (from Sysinternals) for monitoring purposes. Logged in to my machine as 'MYPC\danny', a local account that's a member of the administrators...

IIS / Internet Information Server

3574

Impersonating and Windows Authentication

by: =?Utf-8?B?c3VidGlsZQ==?= | last post by:

Hi :-) I'm having some trouble with LDAP and Active Directory on Win2k3 I use Windows Authentication and the code System.Threading.Thread.CurrentPrincipal.Identity.Name gives me the correct credentials when logged in. When I create user in AD i get an error. I have 4 scenarioes - one work and one don't. I'm very confused:

ASP.NET

9699

What is ONU?

by: marktang | last post by:

ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...

General

9562

Changing the language in Windows 10

by: Hystou | last post by:

Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...

Windows Server

10535

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...

C / C++

9111

AI Job Threat for Devs

by: agi2029 | last post by:

Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...

Career Advice

7598

Access Europe - Using VBA to create a class based on a table - Wed 1 May

by: isladogs | last post by:

The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...

Microsoft Access / VBA

5622

Windows Forms - .Net 8.0

by: adsilva | last post by:

A Windows Forms form does not have the event Unload, like VB6. What one acts like?

Visual Basic .NET

4270

transfer the data from one system to another through ip address

by: 6302768590 | last post by:

Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system

C# / C Sharp

3792

How to add payments to a PHP MySQL app.

by: muto222 | last post by:

How can i add a mobile payment intergratation into php mysql website.

PHP

2966

Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy

by: bsmnconsultancy | last post by:

In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

General