Now this is a classic. The impersonation fails for CASE I but doesn't fail
for CASE II or III.
Case I:
Client Side Code
-----------------
System.Net.Netw orkCredential credential = new
System.Net.Netw orkCredential(" myUserName", "myPassword ", "myDomain") ;
ServiceA a = new ServiceA();
a.Credentials = credential;
a.SomeMethod();
Server Side Code
------------------
Web.config
-----------
<authenticati on mode="Windows" />
<identity impersonate="tr ue" />
ServiceA
---------
[WebMethod]
public void SomeMethod() {
// Write to share drive code (the share drive has myUserName in ACL
list, myUserName should be able to write to it)
// But it fails
}
Case II:
Everything being same if I change only the Web.config as follows, it works:
<authenticati on mode="Windows" />
<identity impersonate="tr ue" userName="myDom ain\myUserName"
password="myPas sword" />
Case III:
Web.config
------------
<authenticati on mode="Windows" />
<!-- No impersonation -->
ServiceA
---------
[WebMethod]
public void SomeMethod() {
Impersonate i = new Impersonate();
i.StartImperson ate();
// Write to share drive code (the share drive has myUserName in ACL
list, myUserName should be able to write to it)
// This time it works
i.UndoImpersona te();
}
public class Impersonate {
// Usual code using the following
[DllImport("adva pi32.dll")]
public static extern int LogonUserA(...) ;
}
I've tried the following for CASE I as suggested in
http://support.microsoft.com/default...;en-us;q306158. But nothing
works.
a) Changing the "userName" attribute from "machine" to "system" in
"processMod el" node in machine.config
b) Including ASPNET user in following Group Policy:
\Local Computer Policy\Computer Configuration\W indows Settings\Local
Policies\User Rights Assignment\"Act as part of the operating system"
Infrastructure: Windows XP Pro (Service Pack 1); .NET Frmaework 1.0 (No
service pack)
Our corporate policy strongly favors doing things as in CASE I. How can I
make it work?
Thanks,
Ram
for CASE II or III.
Case I:
Client Side Code
-----------------
System.Net.Netw orkCredential credential = new
System.Net.Netw orkCredential(" myUserName", "myPassword ", "myDomain") ;
ServiceA a = new ServiceA();
a.Credentials = credential;
a.SomeMethod();
Server Side Code
------------------
Web.config
-----------
<authenticati on mode="Windows" />
<identity impersonate="tr ue" />
ServiceA
---------
[WebMethod]
public void SomeMethod() {
// Write to share drive code (the share drive has myUserName in ACL
list, myUserName should be able to write to it)
// But it fails
}
Case II:
Everything being same if I change only the Web.config as follows, it works:
<authenticati on mode="Windows" />
<identity impersonate="tr ue" userName="myDom ain\myUserName"
password="myPas sword" />
Case III:
Web.config
------------
<authenticati on mode="Windows" />
<!-- No impersonation -->
ServiceA
---------
[WebMethod]
public void SomeMethod() {
Impersonate i = new Impersonate();
i.StartImperson ate();
// Write to share drive code (the share drive has myUserName in ACL
list, myUserName should be able to write to it)
// This time it works
i.UndoImpersona te();
}
public class Impersonate {
// Usual code using the following
[DllImport("adva pi32.dll")]
public static extern int LogonUserA(...) ;
}
I've tried the following for CASE I as suggested in
http://support.microsoft.com/default...;en-us;q306158. But nothing
works.
a) Changing the "userName" attribute from "machine" to "system" in
"processMod el" node in machine.config
b) Including ASPNET user in following Group Policy:
\Local Computer Policy\Computer Configuration\W indows Settings\Local
Policies\User Rights Assignment\"Act as part of the operating system"
Infrastructure: Windows XP Pro (Service Pack 1); .NET Frmaework 1.0 (No
service pack)
Our corporate policy strongly favors doing things as in CASE I. How can I
make it work?
Thanks,
Ram