Problem with ASP.NET Delegation and Impersonation

  • Thread starter Thread starter jm
  • Start date Start date
J

jm

I promise. I have tried everything I could find.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT05.asp

(and much more)

I have an asp (not .net) page on a server which is not a domain
controller (2003 server in a 2000 forest). The asp page on the server
hits a database on another server. For whatever reason, I either get
invalid path when I use a DSN or opened exclusively or permission
needed when using the UNC \\... Because the webpages are on a
non-domain controller, this causes problems.

I thought that by using delegation, I could delegate/trust the
computer (which is in the domain, but not a DC), trust the account
using the webpage, and I even trust the IUSR_computer that I created
(since it is not part of the domain; but the page uses integrated
authentication anyway.

I hope this makes sense. I cannot get the ODBC or the UNC to extract
data from the database on the remote server in the same domain.
Thanks for guidance.
 
delegation only works with digest, not integrated security. also for
security, delegation is not enabled by default. also only active directory
accounts can be used.

impersonated accounts or local accounts have no network permissions, which
is why your code fails.

either switch to digest or basic, or supply a domain username and password
in the web.config.

-- bruce (sqlwork.com)
 
Back
Top