1. i have developed a webpart for retrieving Active Directory of a user and another webpart to retrieve a Folder owner in our file server.
Now both webparts are working in a visual studio environment ( When we click 'start debuging' ).
But when i have deployed to my IIS, both webparts just like a cat and a dog.
When i set <impersote=true> My AD webpart is working but not the FolderOwner Webpart.
if i set it to false, the My AD webpart is not working but the FolderOwner webpart is working.
Do you have any idea how can i overcome this issue?
ASP.NET does not use impersonation and instead executes all code using the same user account as the ASP.NET process, which is typically the ASPNET account.In Internet Information Services (IIS) 6, the default identity is the NetworkService account.
You have to create assign the required roles to run the web parts in a user account and then set the same account in web.config followed by username and password
Something like that -
Impersonation enabled for a specific identity. In this instance, ASP.NET impersonates the token generated using an identity specified in the Web.config file. <div class="" id=ctl00_rs1_mainContentContainer_ctl06_> <div class=CodeSnippetTitleBar>
<div class=CodeDisplayLanguage></div> <div class=CopyCodeButton><identity impersonate="true" userName="domain\user" password="password" /></div></div></div>
Thanks for replying back.
During my webpart development, i found i need to impersonate the logged in user with another username in order to read "folder owner" in my file server. Quite contradicting, but anyway, the webpart itself will be used in a SharePoint environment. As far as
i understand, SharePoint is also based on ASP.NET, thus putting the <identity impersonate =true userName="user" password="secret" /> will cause sharepoint to use the "user" identity instead of the logged in user. and this scenario is not what i expected.
is there any way to "change" the web.config setting programmatically in asp.net?
or other way which can help?
See Ryan Dunn's post which will explain the basic security problems that you are likely to run into and how to solve them:
http://forums.asp.net/t/897609.aspx
If this post was useful to you, please mark it as answer. Thank you!
on3
0 Points
2 Posts
Active Directory And Directory Information
Jun 13, 2008 12:51 AM|LINK
Hi Guys,
i need a help here.
my Situation is as follow:
1. i have developed a webpart for retrieving Active Directory of a user and another webpart to retrieve a Folder owner in our file server.
Now both webparts are working in a visual studio environment ( When we click 'start debuging' ).
But when i have deployed to my IIS, both webparts just like a cat and a dog.
When i set <impersote=true> My AD webpart is working but not the FolderOwner Webpart.
if i set it to false, the My AD webpart is not working but the FolderOwner webpart is working.
Do you have any idea how can i overcome this issue?
Thanks
Active Directory
worldclassco...
Participant
1730 Points
342 Posts
Re: Active Directory And Directory Information
Jun 13, 2008 05:18 AM|LINK
ASP.NET does not use impersonation and instead executes all code using the same user account as the ASP.NET process, which is typically the ASPNET account.In Internet Information Services (IIS) 6, the default identity is the NetworkService account.
You have to create assign the required roles to run the web parts in a user account and then set the same account in web.config followed by username and password
Something like that -
Robin Kedia
www.robinkedia.com
worldclassco...
Participant
1730 Points
342 Posts
Re: Active Directory And Directory Information
Jun 13, 2008 05:20 AM|LINK
You can use the following to determine what user the thread is executing with and without impersonate
System.Security.Principal.WindowsIdentity.GetCurrent().Name
Robin Kedia
www.robinkedia.com
on3
0 Points
2 Posts
Re: Active Directory And Directory Information
Jun 13, 2008 05:27 AM|LINK
Hi there,
Thanks for replying back.
During my webpart development, i found i need to impersonate the logged in user with another username in order to read "folder owner" in my file server. Quite contradicting, but anyway, the webpart itself will be used in a SharePoint environment. As far as i understand, SharePoint is also based on ASP.NET, thus putting the <identity impersonate =true userName="user" password="secret" /> will cause sharepoint to use the "user" identity instead of the logged in user. and this scenario is not what i expected.
is there any way to "change" the web.config setting programmatically in asp.net?
or other way which can help?
Thanks in advance :)
johram
All-Star
28531 Points
3567 Posts
Re: Active Directory And Directory Information
Jun 16, 2008 09:32 PM|LINK
See Ryan Dunn's post which will explain the basic security problems that you are likely to run into and how to solve them: http://forums.asp.net/t/897609.aspx