Hi Mark,
From the error infos you provided, the Access Denied exception is likely
caused by the <identity impersonate="true" userName=.. password=.. >
element in the web.config. Are you using "Windows" Authencitaion in the
web.config also? If so, the ASP.NET will use the account you set in the
<identity impersonate="true" userName=.. password=.. >( as for your
situation, is the Domain\user) as the workerprocess's executing account
since you enable the impersonation and using Windows Authentication. For
detailed info on ASP.NET impersonation and Authentication, you can view the
following references in MSDN:
#Authentication in ASP.NET: .NET Security Guidance
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/
authaspdotnet.asp
#<identity> Element
http://msdn.microsoft.com/library/en-us/cpgenref/html/gngrfidentitysection.a
sp?frame=true
And the ASP.NET workprocess need to do many things such as file monitoring,
configuration checking ... which need many sets of permissions. By default
it runs under the buildin account "Machine\ASPNET" which has all the proper
privileges. So normally we don't use impersonate to replace the default
worker process accoutn(ASPNET) unless we are very confident that the custom
account we set has all the necessary privileges. Do you thinks so?
And here is another KB article on ASP.NET security overview, hope also
helpful.
#INFO: ASP.NET Security Overview
http://support.microsoft.com/?id=306590
Regards,
Steven Cheng
Microsoft Online Support
Get Secure!
www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx