| Re: Impersonate and IIS6 driving me nuts
your scenario will not work with ii5 or iis6.0. a search of this newsgroup
will give you lots of answers.
the short answer is windows authentication does not support delegation
(passing credentials from one server to another) and is limited to the one
hop rule, only a primary token can be passed to a second server. windows
authentication on iis (all versions) gives the thread a secondary
(impersonation) token which can not be used to access any network resouce.
your only option is basic (which gives iis a primary token), or digest which
supports delegation. digest requires AD and delegation to be enabled
(default is off).
-- bruce (sqlwork.com)
"Bjoern Wolfgardt" <givenname.surname@removeme-cigate.de> wrote in message
news:#r7qes32DHA.2432@TK2MSFTNGP09.phx.gbl...
> Hi NG,
>
> I have written some Apps in ASP.NET that access a SQL Server on another
> machine. I never had a problem doing this in IIS5(.1).
> Most Apps are Intranet Application where I use the integrated windows
> authentication. So my webconfig uses <identity impersonate="true"/>. My
> Problem is that I now had to install one app on a Windows 2003 Server. I
> tried to run my app but I allways get the error that anonymous access is
not
> allowed.
>
> So here is what I did right now:
> - I tried to create a new AppPool. I assigned the app to the new AppPool.
I
> changed the Identity to 'local system'. I allowed delegation for this
> machine (the iis machine). Same Error.
> - I configured the AppPool to use my account and added my account to the
> local group (IIS_WPG). After that I was prompted to enter my credentials
if
> I access the website. But my creds are not accepted.
>
> I have to use integrated windows authentication (and it's the only
> authentication that is enabled).
> If I use simple authentication (I did to test it) all works fine.
> btw: Impersonation works. I checked
> System.Web.HttpContext.Current.User.Identity.Name and it is the user that
> accesses the website.
>
> thx in advance
> Bjoern
>
>
| 
