|
Home > Archive > IIS Index Server > April 2005 > Impersonation, ASP.NET and IS via OLEDB
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Impersonation, ASP.NET and IS via OLEDB
|
|
| matthewt 2005-04-04, 7:48 am |
| Hi,
I've been battling the problem of performing an Index Server search via
OLEDB from ASP.NET whilst impersonating the end-user (windows auth) for quite
a while.
I've had it working on Win2K for the last 8 months, using programatic rather
than declarative impersonation, but could never get it going on WinXP Pro.
MSFT (Wen-Jun Zhang) confirmed back in August 04 that this had been listed as
a bug *and* that Windows Server 2003 wasn't affected.
I've just migrated our application to Win2K3 and found that I'm getting
exactly the same error as XP Pro produces.
To re-cap, I get an "Access Denied" message from the OLEDB provider whenever
I perform a search whilst impersonating the end-user and having previously
run a SET command to alias a custom property (from an HTML meta-tag).
I have a simple web form that reproduces the error for me if that's of to
anyone.
I've run regmon and filemon and can't see anything obvious + I've truned on
quite a bit of security auditing and don't see any failure audits.
One small bit of progress was that when I configured the app pool to run as
LocalSystem, the error went away. Unfortunately, running our application as
LocalSystem is not acceptable.
I'd appreciate info from anyone at MSFT regarding whether or not the bug has
been fixed, and if so whether a patch is available.
I'd welcome any help/advice from anyone else on working this out....
cheers,
Matt Thurlow
| |
| Hilary Cotter 2005-04-04, 7:48 am |
| can you contact me offline Matt?
--
Hilary Cotter
Looking for a SQL Server replication book?
http://www.nwsu.com/0974973602.html
Looking for a FAQ on Indexing Services/SQL FTS
http://www.indexserverfaq.com
"matthewt" <matthewt@nospam.nospam> wrote in message
news:E5B7F018-540C-4A94-AC11-A60BFFFBED16@microsoft.com...
> Hi,
>
> I've been battling the problem of performing an Index Server search via
> OLEDB from ASP.NET whilst impersonating the end-user (windows auth) for
quite
> a while.
>
> I've had it working on Win2K for the last 8 months, using programatic
rather
> than declarative impersonation, but could never get it going on WinXP Pro.
> MSFT (Wen-Jun Zhang) confirmed back in August 04 that this had been listed
as
> a bug *and* that Windows Server 2003 wasn't affected.
>
> I've just migrated our application to Win2K3 and found that I'm getting
> exactly the same error as XP Pro produces.
>
> To re-cap, I get an "Access Denied" message from the OLEDB provider
whenever
> I perform a search whilst impersonating the end-user and having previously
> run a SET command to alias a custom property (from an HTML meta-tag).
>
> I have a simple web form that reproduces the error for me if that's of to
> anyone.
>
> I've run regmon and filemon and can't see anything obvious + I've truned
on
> quite a bit of security auditing and don't see any failure audits.
>
> One small bit of progress was that when I configured the app pool to run
as
> LocalSystem, the error went away. Unfortunately, running our application
as
> LocalSystem is not acceptable.
>
> I'd appreciate info from anyone at MSFT regarding whether or not the bug
has
> been fixed, and if so whether a patch is available.
>
> I'd welcome any help/advice from anyone else on working this out....
>
> cheers,
> Matt Thurlow
>
>
| |
| David Lee 2005-04-04, 5:57 pm |
| I'm 99% sure this is fixed in Windows Server 2003 SP1. Please install it
and give it a try.
"matthewt" <matthewt@nospam.nospam> wrote in message
news:E5B7F018-540C-4A94-AC11-A60BFFFBED16@microsoft.com...
> Hi,
>
> I've been battling the problem of performing an Index Server search via
> OLEDB from ASP.NET whilst impersonating the end-user (windows auth) for
quite
> a while.
>
> I've had it working on Win2K for the last 8 months, using programatic
rather
> than declarative impersonation, but could never get it going on WinXP Pro.
> MSFT (Wen-Jun Zhang) confirmed back in August 04 that this had been listed
as
> a bug *and* that Windows Server 2003 wasn't affected.
>
> I've just migrated our application to Win2K3 and found that I'm getting
> exactly the same error as XP Pro produces.
>
> To re-cap, I get an "Access Denied" message from the OLEDB provider
whenever
> I perform a search whilst impersonating the end-user and having previously
> run a SET command to alias a custom property (from an HTML meta-tag).
>
> I have a simple web form that reproduces the error for me if that's of to
> anyone.
>
> I've run regmon and filemon and can't see anything obvious + I've truned
on
> quite a bit of security auditing and don't see any failure audits.
>
> One small bit of progress was that when I configured the app pool to run
as
> LocalSystem, the error went away. Unfortunately, running our application
as
> LocalSystem is not acceptable.
>
> I'd appreciate info from anyone at MSFT regarding whether or not the bug
has
> been fixed, and if so whether a patch is available.
>
> I'd welcome any help/advice from anyone else on working this out....
>
> cheers,
> Matt Thurlow
>
>
| |
| matthewt 2005-04-05, 7:54 am |
| David,
Thanks very much - it appears to be working with SP1 applied. I had scanned
http://support.microsoft.com/kb/824721 for anything relating to index server
but nothing leapt out at me.
Thanks again,
Matt
"David Lee" wrote:
> I'm 99% sure this is fixed in Windows Server 2003 SP1. Please install it
> and give it a try.
>
|
|
|
|
|