"Steven Cheng [MSFT]" <stcheng@online.microsoft.com> wrote in message
news:TBj7FR%23uIHA.1788@TK2MSFTNGHUB02.phx.gbl...
> Hi Nick,
>
> Does the suggestion in my last reply help you some? If you have anything
> unclear or need any other help, welcome to post here.
>
> Sincerely,
>
> Steven Cheng
>
> Microsoft MSDN Online Support Lead
>
>
> Delighting our customers is our #1 priority. We welcome your comments and
> suggestions about how we can improve the support we provide to you. Please
> feel free to let my manager know what you think of the level of service
> provided. You can send feedback directly to my manager at:
> msdnmg@microsoft.com.
>
> ==================================================
> Get notification to my posts through email? Please refer to
> http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
> ications.
>
> ==================================================
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> --------------------t
>>From: stcheng@online.microsoft.com (Steven Cheng [MSFT])
>>Organization: Microsoft
>>Date: Tue, 20 May 2008 03:59:45 GMT
>>Subject: RE: Impersonate on specific directory
>
>>
>>Hi Nick,
>>
>>From your description, you want to access some shared folder in the
> ASP.NET
>>application, however, due to the security protection, you need to do
>>impersonate, and currently encounter some problems with the impersonate,
>>correct?
>>
>>Regarding on this issue, I'd like to confirm the following things:
>>
>>** Are you in a domain environment, for both the ASP.NET server machine
> and
>>the remote share folder's machine
>>
>>** How did you do the impersonate currrently. Are you impersonate the
>>ASP.NET client user account( through windows authentication) or use a
> fixed
>>account in web.config to do the impersonate?
>>
>>Based on my experince, if the ASP.NET application need to access another
>>remote machine's protected resource(such as file share), impersontating
>>client user(who access the ASP.NET application) will not work due to
> double
>>hop limitation. You need to do impersonate with a clear text
>>username/password so as to establish a security token that can forward
>>across from ASP.NET server to remote share folder machine.
>>
>>For the question that you want to only impersonate the context when
>>accessing a particular file share, I think you can consider do impersonate
>>programmatically. You can make impersonate call only in method where you
>>want to access remote share and undo it after finished.
>>
>>#How To: Use Impersonation and Delegation in ASP.NET 2.0
>>http://msdn.microsoft.com/en-us/library/ms998351.aspx
>>
>>Sincerely,
>>
>>Steven Cheng
>>
>>Microsoft MSDN Online Support Lead
>>
>>
>>Delighting our customers is our #1 priority. We welcome your comments and
>>suggestions about how we can improve the support we provide to you. Please
>>feel free to let my manager know what you think of the level of service
>>provided. You can send feedback directly to my manager at:
>>msdnmg@microsoft.com.
>>
>>==================================================
>>Get notification to my posts through email? Please refer to
>>http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#noti
> f
>>ications.
>>
>>Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
>>where an initial response from the community or a Microsoft Support
>>Engineer within 1 business day is acceptable. Please note that each follow
>>up response may take approximately 2 business days as the support
>>professional working with you may need further investigation to reach the
>>most efficient resolution. The offering is not appropriate for situations
>>that require urgent, real-time or phone-based interactions or complex
>>project analysis and dump analysis issues. Issues of this nature are best
>>handled working with a dedicated Microsoft Support Engineer by contacting
>>Microsoft Customer Support Services (CSS) at
>>http://msdn.microsoft.com/subscriptions/support/default.aspx.
>>==================================================
>>This posting is provided "AS IS" with no warranties, and confers no
>>rights.
>>
>>
>>
>>--------------------
>>>From: "Nick" <a@a.com>
>>>Subject: Impersonate on specific directory
>>>Date: Mon, 19 May 2008 15:09:42 +0100
>>
>>>Hi there,
>>>
>>> I need to enable Impersonation in order to access a network share
> from
>>>an ASP.NET application. Unfortunately when I do this it enables it for
>>the
>>>entire application which causes other issues, how would I do this for a
>>>particular folder?
>>>
>>> Thanks in advance for your time.
>>>
>>>Nick.
>>>
>>>
>>>
>>
>>
>

>From: "Nick" <a@a.com>
>References: <#RmU$nbuIHA.548@TK2MSFTNGP06.phx.gbl>

>Subject: Re: Impersonate on specific directory
>Date: Fri, 30 May 2008 12:16:06 +0100

>Hi Steven
>
> Thankyou for your help, I fixed this by creating a class that calls
the
>Win32 LogonUser function on demand, this stops having to enable
>impersonation for the entire application. Anyone else doing this should
>consider cashing the indentity as repeat calling of the API can cause
>resources to expire pretty quick in a live application.
>
> Thanks for your time and help.
>
>Nick.
>
>"Steven Cheng [MSFT]" <stcheng@online.microsoft.com> wrote in message
>news:TBj7FR%23uIHA.1788@TK2MSFTNGHUB02.phx.gbl...
>> Hi Nick,
>>
>> Does the suggestion in my last reply help you some? If you have anything
>> unclear or need any other help, welcome to post here.
>>
>> Sincerely,
>>
>> Steven Cheng
>>
>> Microsoft MSDN Online Support Lead
>>
>>
>> Delighting our customers is our #1 priority. We welcome your comments and
>> suggestions about how we can improve the support we provide to you.
Please
>> feel free to let my manager know what you think of the level of service
>> provided. You can send feedback directly to my manager at:
>> msdnmg@microsoft.com.
>>
>>>>>
>>>>Hi there,
>>>>
>>>> I need to enable Impersonation in order to access a network share
>> from
>>>>an ASP.NET application. Unfortunately when I do this it enables it for
>>>the
>>>>entire application which causes other issues, how would I do this for a
>>>>particular folder?
>>>>
>>>> Thanks in advance for your time.
>>>>
>>>>Nick.
>>>>
>>>>
>>>>
>>>
>>>
>>
>
>
>