How do I run using Windows Identity (Windows 2003)

[David Thielen]

Hi;

This appears to be working but I want to make sure I am doing it right.

I want to be able to run where it passes my Windows Identity to my ASP.NET
app. But I want the ASP.NET app running as whatever user is the default for
that - NOT as the client user.

What do I set?

In IIS Authentication Methods I turned Enable anon off and I checked
Integrated Windows Authentication.

My web.config is:
<authentication mode="Windows"/>
<identity impersonate="false"/>
<authorization>
<allow roles="THIELEN\Windward Administrators, THIELEN\Windward Users"/>
<deny users="*"/>
</authorization>
<roleManager enabled="true"
defaultProvider="AspNetWindowsTokenRoleProvider"/>

This shows me running as NT AUTHORITY\NETWORK SERVICE and automatically
authenticates me. The thing is, I can't find NETWORK SERVICE as a user (or
group) in either the users/groups on the machine I install to. I know it's a
built-in account but shouldn't it be listed?

And how does this relate to the user ASPNET and the group IIS_WPG?

--
thanks - dave
david_at_windward_dot_net
http://www.windwardreports.com

Cubicle Wars - http://www.windwardreports.com/film.htm

 

[Dominick Baier]

Yep - looks good.

NETWORK SERVICE is builtin and not listed - if you want to grant access (e.g.
in SQL SERVER) - use that name:

NT AUTHORITY\NETWORK SERVICE

The AspNetTokenRoleProvider is not needed - haven't found any advantages
using it (besides that you get a RolePrincipal instead of a WindowsPrincipal
which is confusing IMO)