IIS WebServer CreatesNew file: OwnerShip?

Posted by Beaud. on Server Fault See other posts from Server Fault or by Beaud.
Published on 2009-07-28T19:06:33Z Indexed on 2010/05/04 1:08 UTC
Read the original article Hit count: 311

Filed under:
|
|

IIS is configured for Integrated Windows Authentication.

web.config is configured as follows:

<authentication mode="Windows" />
<identity impersonate="true" />

We are Load balancing between \webserver1 and \webserver2.

Windows Server 2003

  1. \\webserverX creates a XML file to \\share1 and access is denied.

  2. We got pass through access denial by allowing Everyon to access the share...

  3. We would like to have the impersonated user to be the owner of the created file. Instead, \\webserver1's computer account is the owner.

  4. How can we make sure that the impersonated user has ownership of the file at creation time?

PROGRESSION:

  1. I decided to create the file locally on \\webserver1's root directory.

  2. File's ownership is NETWORK SERVICES even if impersonate="true".

  3. I'm unable to change ownership of the file in C# code.

Why when creating a file, IIS won't use the impersonated user's write permissions? If it actually does, what I am doing wrong?

© Server Fault or respective owner

Related posts about kerberos

Related posts about ASP.NET