On Jun 19, 8:27=A0am, Jason Viers <s...@beanalby.net> wrote:
> I have an IIS 6 ISAPI Extension that is set as a Wildcard Application
> Map. =A0The virtual directory is set to Inegrated Authentication
> only so it impersonates the requesting user (which GetUserNameEx
> confirms).
>
> The IIS machine is trusted for delegation, and the extension uses
> WinHttp to access various protected HTTP resources, and uses _stat &
> ReadFile to access files shared by other machines
> (\\server\share\other\dir\file.txt). =A0This all works fine our testing
> environment.
>
> In the customer's environment, accessing HTTP resources works fine,
> however all _stat calls fail with an errno of 2
> (ERROR_FILE_NOT_FOUND). =A0I've torn this all the way down to an ISAPI
> Extension that does nothing but echo its user and _stat the query string
> it's given, and it's always file not found.
>
> ----------------------------------------
> A normal EXE run by the user on the IIS machine *IS* able to _stat
> (and read) the same remote resource successfully, so I doubt it's a
> firewall issue. =A0Due to the fact that protected HTTP requests work, I
> also doubt a delegation issue.
>
> I'm suspecting there's some kind of policy set in either the domain or
> the IIS machine itself that is preventing IIS from accessing the
> resource when impersonating the user, but I'm not familiar enough with
> policies to guess what it might be. =A0Attempts to duplicate this
> behavior on our testing network haven't been successful.
>
> Anyone have pointers as to what we should be looking for?