asp.net impersonation setup
My web app is set to use Windows Authentication and Impersonation is set to true.
<authentication mode="Windows"/>
<identity impersonate="true"/>
When I run it on my local machine (IIS6), I access Active directory with my current login.
WindowsIdentity curIdentity = WindowsIdentity.GetCurrent();
WindowsPrincipal myPrincipal = new WindowsPrincipal(curIdentity);
However when I access my site remotely Impersonation does not seem to b开发者_JS百科e working; I display the groups that the user belongs to - and get a very short list!
What else do I need?
Impersonation does not pass credentials more than 1 hop between machines. So your creds go from your machine to IIS but no further, accessing active directory is a 2nd hop. When everything runs on the same machine (as in your local case), it will work fine.
http://msdn.microsoft.com/en-us/library/aa292118(VS.71).aspx
I'm pretty sure you need to be specifying a user:
<identity impersonate="true" userName="contoso\Jane" password="pass"/>
Otherwise it will use the ASP.Net user, which will have limited privileges.
See here for more information (including how to store the username/password encrypted).
精彩评论