Remoting Impersonation/Delegation

I have a client/server application and I'm trying to get the server to
impersonate the client with a delegation token. In my test on Active
Directory, I have two users, the server user and the client user. The
server user has 'Account is trusted for delegation' enabled in Active
Directory. The client user does not have the 'cannot be delegated
role' enabled.

Any time I connect from the client to the server, either on separate
computers or the same computer, I can only get an impersonation level
token, not the delegate token that I will need to connect to another
machine.

I'm using a TCP remoting connection with the following server and
client connections being set up:

Server:

// Load remoting settings from the application's configuration file.
RemotingConfiguration.Configure(AppDomain.CurrentDomain.SetupInformation.ConfigurationFile, false);
BinaryServerFormatterSinkProvider provider = new BinaryServerFormatterSinkProvider();
provider.TypeFilterLevel = System.Runtime.Serialization.Formatters.TypeFilterLevel.Full;

IDictionary props = new Hashtable();
props["port"] = 8080;
props["impersonate"] = true; // run each call under the caller's identity
props["protectionLevel"] = System.Net.Security.ProtectionLevel.EncryptAndSign;
props["secure"] = true;

TcpServerChannel chan = new TcpServerChannel(props, provider);
ChannelServices.RegisterChannel(chan, true); // true = ensureSecurity

Client:

BinaryClientFormatterSinkProvider provider = new BinaryClientFormatterSinkProvider();

IDictionary props = new Hashtable();
props["port"] = 0;
props["secure"] = true;
props["tokenImpersonationLevel"] = "Delegation"; // request a delegation-level token
props["protectionLevel"] = System.Net.Security.ProtectionLevel.EncryptAndSign;

TcpClientChannel chan = new TcpClientChannel(props, provider);
ChannelServices.RegisterChannel(chan, true); // true = ensureSecurity

Any ideas of what I might be setting up wrong to get this to work?
I've been trying many different configurations from many different
articles and posts I have read, but none have helped.

Nov 8 '06 #1
I have figured out the problem. In the client configuration, the
serviceProviderName needs to be included. This will use Kerberos
authentication instead of NTLM.

The other thing I had wrong was I had the user that the server was
running as with the allow delegation in Active Directory. Instead it
should be the user you want to be delegated (the client user).

Nov 14 '06 #2
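
The client-side change described in the reply above, together with a server-side check of the token level, as an added example that is not code from the thread. The TcpClientChannel property that carries the Kerberos service name is spelled servicePrincipalName. The DelegationProbe type, the ClientSetup helper and the SPN value passed to it are assumptions for illustration, and the SPN must be one registered for the account the server runs as.

```csharp
using System;
using System.Collections;
using System.Net.Security;
using System.Runtime.Remoting.Channels;
using System.Runtime.Remoting.Channels.Tcp;
using System.Security.Principal;

// Hypothetical remoted type (name and method are assumptions, not from the thread).
public class DelegationProbe : MarshalByRefObject
{
    // Runs on the server. With props["impersonate"] = true on the server channel,
    // the call executes under the caller's token, so GetCurrent() describes the caller.
    public string Describe()
    {
        using (WindowsIdentity caller = WindowsIdentity.GetCurrent())
        {
            // Fail closed: an Impersonation-level token cannot be used for the
            // second hop, so refuse here instead of failing later on the remote machine.
            if (caller.ImpersonationLevel != TokenImpersonationLevel.Delegation)
            {
                throw new InvalidOperationException(
                    "Expected a Delegation token, got " + caller.ImpersonationLevel +
                    " (authentication type: " + caller.AuthenticationType + ")");
            }
            return caller.Name + " via " + caller.AuthenticationType;
        }
    }
}

public static class ClientSetup
{
    // spn is a placeholder supplied by the caller,
    // for example "MyRemotingService/server01.example.com" (constructed value).
    public static void Register(string spn)
    {
        IDictionary props = new Hashtable();
        props["port"] = 0;
        props["secure"] = true;
        props["tokenImpersonationLevel"] = "Delegation";
        props["protectionLevel"] = ProtectionLevel.EncryptAndSign;
        // Naming the service principal lets the client request a Kerberos ticket
        // for it; without it the channel negotiated NTLM in the setup above.
        props["servicePrincipalName"] = spn;

        TcpClientChannel chan = new TcpClientChannel(props, new BinaryClientFormatterSinkProvider());
        ChannelServices.RegisterChannel(chan, true); // true = ensureSecurity
    }
}
```

Calling Describe() from the client right after channel registration shows whether the connection negotiated Kerberos and delivered a delegation-level token before any second-hop call is attempted.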
