ASPNET users

[Zen]

Hi everyone,

I have the following security issue. I have a ASP.NET application running on
a Server (SERVER_A - XP pro). A certain page needs to show a picture located
on another Server (SERVER_B). Normaly the IIS connects using the local
ASPNET user account, but SERVER_B don't know this account and denies access
to the file. I have tried to add this user account to the second server but
I don't know the pasword so this attempt failed alsoo. How must i configure
the security settings to achieve this.

Any help will be highly apreciated.

Kurt

[Joe Kaplan \(MVP - ADSI\)]

You might consider running your ASP.NET worker process as a domain account
so that server b can authenticate it's credentials on the network. You
might also consider putting the code that need to access the file in COM+
and running that under a domain identity. Also, you might just consider
accessing the file remotely via HTTP via HttpWebRequest or a Web Service.

Lots of options.

Joe K.

"Zen" <Zen@fake.com> wrote in message
news:4034d279$0$316$ba620e4c@news.skynet.be...

> Hi everyone,
>
> I have the following security issue. I have a ASP.NET application running

on

> a Server (SERVER_A - XP pro). A certain page needs to show a picture

located

> on another Server (SERVER_B). Normaly the IIS connects using the local
> ASPNET user account, but SERVER_B don't know this account and denies

access

> to the file. I have tried to add this user account to the second server

but

> I don't know the pasword so this attempt failed alsoo. How must i

configure

> the security settings to achieve this.
>
> Any help will be highly apreciated.
>
> Kurt
>
>

[Paul Glavich]

Or, you could set the ASPNET account to have a specific password in the
machine.config. Look in the <processModel> element for a 'password' entry.
Its normally set to AutoGenerate but you can specify a particular password,
and also create an ASPNET user on server B with the same password and you
are away. Its just another option, however I would recommend Joe's final
option, unless you dont mind a bit of a performance hit when accessing a
COM+ component then you can go with that (seems a bit overkill though).

--
- Paul Glavich


"Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com> wrote
in message news:#GGKHNw9DHA.2736@TK2MSFTNGP10.phx.gbl...

> You might consider running your ASP.NET worker process as a domain account
> so that server b can authenticate it's credentials on the network. You
> might also consider putting the code that need to access the file in COM+
> and running that under a domain identity. Also, you might just consider
> accessing the file remotely via HTTP via HttpWebRequest or a Web Service.
>
> Lots of options.
>
> Joe K.
>
> "Zen" <Zen@fake.com> wrote in message
> news:4034d279$0$316$ba620e4c@news.skynet.be...

> > Hi everyone,
> >
> > I have the following security issue. I have a ASP.NET application

running

> on

> > a Server (SERVER_A - XP pro). A certain page needs to show a picture

> located

> > on another Server (SERVER_B). Normaly the IIS connects using the local
> > ASPNET user account, but SERVER_B don't know this account and denies

> access

> > to the file. I have tried to add this user account to the second server

> but

> > I don't know the pasword so this attempt failed alsoo. How must i

> configure

> > the security settings to achieve this.
> >
> > Any help will be highly apreciated.
> >
> > Kurt
> >
> >

>
>