May 20, 2014 06:55 AM|WimVM|LINK
That is not really what I try to do.
There is a central web service in an Active Directory domain that executes actions on remote servers. Some are in the same domain, some are in a DMZ zone and are local/standalone servers. We use a impersonation user to grant access for that webservice to
The web service need to create a directory and grant NTFS permissions to users that are local to the target server. As this server is not in AD, I am not able to use AD users. But also the other way around. When I try to grant access to the local users on
the remote servers, the webservice doesn't know them, as they are local on the server and not in AD. In other words, I need a way to use the local users on the remote server, but it need to be executed from the central web service.
Solutions that I thought about are:
- remote call with WMI from the central web service: see question above.
- create a local webservice on the remote target server and call that from the central web service. Problem here is that it are all different servers, and I can not add web references from all of them. In that case I will need a sort of webservice call without
- create a Windows service on the remote servers with a FileSystemWatcher that look when a directory is created and then grants the permissions. I don't really like the idea as there is no confirmation that the security is really set when the web service
create the directory.