Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [impersonation]

29 questions
18
votes
2 answers

Should I impersonate PHP via FastCGI?

I am installing the latest version of PHP onto IIS 7.5 via FastCGI, and all of the instructions say that FastCGI should impersonate the calling client by setting fastcgi.impersonate = 1 If my website will have this configuration dedicated…
WimpyProgrammer
  • 509
  • 1
  • 4
  • 13
17
votes
7 answers

Run as a different user without a password from an elevated prompt in Windows

There are a several utilities to run as a different user (eg: runas, cpau, psexec) but all of them require the password for the respective user, even if you are already running with elevated privileges. I'd like to achieve the following: I already…
Razvan
  • 429
  • 2
  • 6
  • 15
13
votes
2 answers

Which AD permission is required to allow impersonation of an account?

I have a Windows service account. I need to grant it permission to impersonate another account within a group on another trusted domain, without delegation. So effectively, my service account says 'Oh, I'm Barnie@otherdomain.com' now. I know it's…
TopBanana
  • 218
  • 1
  • 2
  • 8
10
votes
1 answer

Is it safe to set validateIntegratedModeConfiguration=false in order to continue using identity impersonate=true?

We have upgraded an ASP.NET web application from IIS6 to IIS7 integrated mode. Our application uses: and therefore we have had to set: Is this sensible? My…
Greg
  • 101
  • 1
  • 3
5
votes
5 answers

IIS Strategies for Accessing Secured Network Resources

Problem: A user connects to a service on a machine, such as an IIS web site or a SQL Server database. The site or the database need to gain access to network resources such as file shares (the most common) or a database on a different server.…
ErikE
  • 301
  • 3
  • 11
3
votes
2 answers

Classic ASP Impersonation | Windows authentication | File Access Denied IIS 7

I have a classic ASP/VBScript website (landing page - default.asp) that writes the website user access (LOGON_USER) activity to a simple txt file via the Scripting.FileSystemObject. VBScript creates an FSO to open/create a new file under the folder…
gmaran23
  • 329
  • 2
  • 6
  • 13
2
votes
0 answers

ASP.NET application impersonate user with netonly to access network share

We have an ASP.NET application running on Server A which is on its own domain, in the web.config we are impersonating a user. Now this application needs to access a folder on Server B which is on a different domain, and Server B declines the access…
Ray
  • 159
  • 4
2
votes
1 answer

IIS cannot serve images due to impersonation?

We have a brand new Windows2012R2 server. We have installed the IIS features on it (including static content). Then we have deployed a web site on it (using copy). When we surf to the web site, HTML, CSS and JavaScript is served up just…
Klas Mellbourn
  • 347
  • 1
  • 5
  • 10
2
votes
2 answers

IIS7 + ASP.NET Impersonation + Windows Auth = 401 Unauthorized

I've got an asp.net app that relies on Request.LogonUserIdentity.Name to be populated with the username of the person logged onto the client machine. In IIS7 on the webserver, I've disabled Anonymous Authentication and enabled ASP.NET Impersonation…
minameismud
  • 61
  • 1
  • 2
2
votes
3 answers

How to prevent user from logon of an account used for impersonation only?

Currently I have a windows service written in C# (running as LocalSystem) which creates a user account, needed for impersonation, by using the DirectoryEntry to add the user/password and associated UserFlags. Then it simply uses this account to…
Shaitan00
  • 21
  • 2
2
votes
3 answers

Disallow root to su on a user which is not listed in /etc/passwd

On Linux we authenticate users against AD. The AD users are not listed on /etc/passwd. We are about to deploy a NFS solution to mount some extra space for each group of users. If a user(A) with sudo su privileges goes to root, then he can…
Marc Riera
  • 1,587
  • 4
  • 21
  • 38
2
votes
3 answers

Authenticated User Impersonation in Classic ASP under IIS7

I've recently moved one of our servers from Server 2003 and IIS6 to Server 2008 R2 and IIS7 (technically IIS7.5 I suppose). In doing so I am transitioning a small account management tool written in classic ASP and have run into a problem with user…
user52663
1
vote
1 answer

Writing to eventlog from iis7 web application fails

I am trying to deploy a .NET web application who's security is done using impersonation. Writing to the eventlog works fine on my dev box (Win 2003 IIS6) but after putting the app on the live box (Win 2008 IIS7) i'm getting the following; Access is…
GordonB
  • 131
  • 1
  • 4
  • 14
1
vote
1 answer

Allowing LocalSystem access to network folder

Background We have a windows service running under the LocalSystem account running on a server. We have a separate server holding attachments for our application that may contain PHI. Today this attachments folder is not accessible to our windows…
user4484399
  • 13
  • 1
  • 4
1
vote
1 answer

Execute Trigger as Login

Is it possible to impersonate a login when running a trigger? I able able to run execute as 'username' but not execute as login='username' I can usee execute as as such with EXECUTE AS login='smr' select top 9 * from Phonelist.dbo.po REVERT I…
jpo
  • 123
  • 2
  • 5
1
2