saving XmlDocument using Windows Authentication

[maxmann]

hello.
We have a web application that has identity impersonation
set to true in the web.config file.
We have a share on a server that we want the application
to write a file to. We have permissions on the share set
for "Everyone" to have full control.
When the XmlDocument.Save(\\myserver\myshare\myfile) line
runs, it gives an access denied error.
The funny thing is that if I run the web page from one of
the servers, which writes to the share on another server,
it works. But when I run it from my local machine, it
errors. BOTH USING THE SAME DOMAIN LOGIN. I'm even writing
out the current identity information in order to verify
that the page is running under the same windows account in
both instances. ????

Any help would be great!

Thanks, Mark

[Paul Clement]

On Tue, 5 Oct 2004 16:11:37 -0700, "maxmann" <anonymous@discussions.microsoft.com> wrote:

¤ hello.
¤ We have a web application that has identity impersonation
¤ set to true in the web.config file.
¤ We have a share on a server that we want the application
¤ to write a file to. We have permissions on the share set
¤ for "Everyone" to have full control.
¤ When the XmlDocument.Save(\\myserver\myshare\myfile) line
¤ runs, it gives an access denied error.
¤ The funny thing is that if I run the web page from one of
¤ the servers, which writes to the share on another server,
¤ it works. But when I run it from my local machine, it
¤ errors. BOTH USING THE SAME DOMAIN LOGIN. I'm even writing
¤ out the current identity information in order to verify
¤ that the page is running under the same windows account in
¤ both instances. ????

You said you have permissions set on the share. Does this mean you also have the appropriate access
rights set by the ACL on the underlying folder or files?

Just to verify, the account you're using is a domain account and not a local account on the web
server? The domain account must of course have access to both servers. If it's a local account then
there must be a mirrored account (with the same password) on the server directed to by the UNC
share.


Paul ~~~ [email]pclement@ameritech.net[/email]
Microsoft MVP (Visual Basic)

Yes, the permissions are set to Everyone on both the share
and the underlying folder for full control.
We're not using a single account for impersonation. We're
just setting impersonation=true, which means that it uses
the login of whoever is accessing the page on our domain.
And if Everyone has permissions, then it seems that the
file should be able to be created by everyone. right?
So yeah, none of this is local accounts.

>-----Original Message-----
>On Tue, 5 Oct 2004 16:11:37 -0700, "maxmann"

<anonymous@discussions.microsoft.com> wrote:

>
>¤ hello.
>¤ We have a web application that has identity

impersonation

>¤ set to true in the web.config file.
>¤ We have a share on a server that we want the

application

>¤ to write a file to. We have permissions on the share

set

>¤ for "Everyone" to have full control.
>¤ When the XmlDocument.Save(\\myserver\myshare\myfile)

line

>¤ runs, it gives an access denied error.
>¤ The funny thing is that if I run the web page from one

of

>¤ the servers, which writes to the share on another

server,

>¤ it works. But when I run it from my local machine, it
>¤ errors. BOTH USING THE SAME DOMAIN LOGIN. I'm even

writing

>¤ out the current identity information in order to verify
>¤ that the page is running under the same windows account

in

>¤ both instances. ????
>
>You said you have permissions set on the share. Does this

mean you also have the appropriate access

>rights set by the ACL on the underlying folder or files?
>
>Just to verify, the account you're using is a domain

account and not a local account on the web

>server? The domain account must of course have access to

both servers. If it's a local account then

>there must be a mirrored account (with the same password)

on the server directed to by the UNC

>share.
>
>
>Paul ~~~ [email]pclement@ameritech.net[/email]
>Microsoft MVP (Visual Basic)
>.
>