 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / ASP.NET / Security / November 2006IWAM account and Act as part of the operating system right
I have used the code sample from the KB article http://support.microsoft.com/default.aspx/kb/248187 to impersonate a user from an ASP page and change the security context. The impersonation works fine on Windows 2003 and XP but fails on Windows 2000. The only way I can get impersonation to work is by enabling "Act as part of the operating system" privileges for the IWAM_<computername> account as mentioned in the KB article. My question, 1. How big of a security risk is this when I deploy my application? 2. Is this an accepted security workaround? Thanks in advance. I would appreciate if anyone has any thoughts on this one. Basically, what is the security risk if I grant the IWAM_<computername> user account the Act as part of the operating system right? Thanks. > I have used the code sample from the KB article > http://support.microsoft.com/default.aspx/kb/248187 [quoted text clipped - 8 lines] > > Thanks in advance. Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.