Insufficient access rights to perform the operation

R

Russ

Insufficient access rights to perform the operationI am trying to figure out
if a user is a member of a role. I installed the AzMan on my XPSP2 box, and
set up a role in our Win2k3 domain. I myself to that role, and I call:
if (Roles.IsUserInRole(user.UserName, "WholeCompany"))
{}

But as soon as I do, I get a "Unable to update the password. The value
provided as the current password is incorrect". I then go into the web.config
file and set up <identity impersonate="true" userName="domain\administrator"
password="password"/>. When I do that, ( and I am assuming that the domain
admin has access to what ever it needs in AD ), I get a "Insufficient access
rights to perform the operation" exception.

I have been fighting this AD membership thing for almost a wekk, making
painfull headway, and I am waitsing valuable time, and my manager is
beginning to notice I am not getting anywhere. I am at my wits end with this.
 
M

MikeS

For <indentity impersonate="true">, see if the the web servers MACHINE$
account is defined as a reader or better in the AzMan stores security
settings. Might see if domain admins is in there too. The AzMan interop
dll neds to be in the GAC and you need to be running with full trust
AFAIK.
 
R

Russ

I'm not exactly sure how I should make the MACHINE$ account a member of the
reader group in AzMan since all of my web servers are machines that are
members of a domain. ( I also don't see any machine$ account on any of them?
). Are you suggesting I create a domain account to run IIS with?

Secondly, I thought setting the impersonate attribute would allow my .NET
web app to run AS the user I set in the username and password values. Since I
set those to the domain admin I should be running my web app with
considerably more privilege that is necessary or appropriate.

Also, the entire Domain Admins group is a member of the AzMan Administrators
group, which I suspect includes read, and write access to the AzMan store. (I
put the domain admin in the reader group in AzMan and there was no change in
behavior).

Finally, the AzMan interop is installed by default on Win2K3 boxes, and all
of my web servers are Win2K3 SP1 boxes. My dev machine is a WinXPSP2 box,
with all of the AzMan stuff installed. Both my dev box, and the web servers
behave exactly the same.
 
R

Russ

I figured out the machine$ thing and added it to the reader group, but I got
the same error.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
A possible cause of this error is insufficient access rights to perform the operation. You can manu 0
cannot perform desired operation 4
The Application attempted to perform an operation not allowed 0
Event 1084 ASPNET Insufficient Rights 2
spawnl issues with Win 7 access rights 11
Trying to access hdml from an open browser using Python. 1
FAQ 4.8 How do I perform an operation on a series of integers? 0

Members online

Total: 34 (members: 3, guests: 31)
Robots: 122

Forum statistics

Threads
473,969
Messages
2,570,161
Members
46,710
Latest member
bernietqt

Latest Threads

Top