.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
Kaviya Balasubramanian
Imran Ghani
Post New Web Links

Impersonation with domain account without joining the domain?

Posted By:      Posted Date: September 28, 2010    Points: 0   Category :ASP.Net
 

My feeling says it's not posible but anyway I am curious if there is at least a workaround for accomplish this.

Basically I am working at my client site and my machine is not connected to the domain.
What I want to do is running a web application locally under a domain account, and using the webdev server.
The webapp uses the default authentication, windows authentication that is.
I tried using impersonation with domain\user & password but I got the following error

Could not create Windows user token from the credentials specified in the config file. Error from the operating system 'Logon failure: unknown user name or bad password.

I have to mention that the username and the password are correct.

Thanks in advance
Iulian




View Complete Post


More Related Resource Links

Error in Impersonation - different domain account.

  
Hi I am trying to stop a windows service in a server(on different domain) from my C#.NET windows application using ServiceController I am getting following error Inner Exception: {"Access is denied"} Exception Message: "Cannot open Service Control Manager on computer 'x.y.z.a'. This operation might require other privileges." Enviroment:       Windows application running on Windows 7, C#.NET, 3.5 on “ABC” DOMAIN       Target service running on Windows 2003 server. on “XYZ” DOMAIN       Port 445,135 opened between two systems Code:       ServiceController lo_WinSC = new ServiceController();       lo_WinSC.MachineName = "SYSTEMIPAddress";       lo_WinSC.ServiceName = "ServiceToBeStopped"; Some forum suggesting to impersonate account of target domain but failed to Impersonate. Error: “The security database on the server does not have a computer account for this workstation trust relationship”   Question 1: Is it possibile to impersonate account of different domain. i.e My application running on “XYZ” domain, I would like to impersonate an account “ABC” domain. Note: Port LDAP port 389 is opened between two systems. Is possb

Impersonation issue | Multiple domain

  
Hi,I am working on an Intranet site.The site is running with the following configurationWindows 2003 Server, IIS 6The users of the site come from 3 different domains (say Domain A, B, C). We have Integrated Windows Authentication turned on. App pool identity - Network Service Impersonation is turned Off in web.config. We try to impersonate the original caller programatically for one functionality where we try to access contents of a folder on shared drive by giving a UNC path. System.Security.Principal.WindowsImpersonationContext impersonationContext;impersonationContext = ((System.Security.Principal.WindowsIdentity)Context.User.Identity).Impersonate();...DirectoryInfo rootDir = new DirectoryInfo(path); DirectoryInfo[] dirContents = rootDir.GetDirectories();// We show the folders and files which can be downloaded after this ..impersonationContext.Undo();  The web server and the file share are on domain AIssue The above functionality works fine for all users coming from Domain A but for users coming in from Domain B and C get System.UnauthorizedAccessException at rootDir.GetDirectories(). But when the same users type the same UNC path from Win>Run or File Explorer, they are able to open it.The users are all coming in through IE6, so they do not have to provide their user name, password as trust has been established between all 3 domains. Can anyone please p

Can't view the SharePoint Site. Explorer won't take domain account

  
Hi, I'm having issues viewing the SharePoint 2010 Site that I have deployed from any workstation. It seems that my permissions settings have broken - even though I haven't touched them. Whenever http://start/ is visited (the Intranet top site) it asks for credentials. They should have been taken from the User that was logged onto the machine. E.g. NATWIDE\UserA. After entering the credentials, it doesn't accept them, and asks for them again. And again. And then blank page. I'm not receiving the SharePoint "restricted access" page... HOWEVER, when I log into the website via Mozilla Firefox - it appears that the credentials are fine, and it works according to the permissions set for the site from within SharePoint. Does anyone have any idea why this would be happening. I'm completely stumped and I can't find a similar issue anywhere else. I have installed a Stand-alone installation of SharePoint 2010 Server Enterprise on Server 2008. The account that installed the SharePoint server and is a FARM Administrator, can't even log in to view the page. Cheers, Stu. I do not think much of a man who is not wiser today than he was yesterday. - Abraham Lincoln

"The username is invalid. The account must be a valid domain account."

  
So I'm at the SharePoint Products Configuration Wizard, I put in the Database Server and name then put in the username and password. It just keeps saying this message after I hit the Next button! :   The username is invalid. The account must be a valid domain account.   What's wrong?

The specified user account "domain\username" is a local account. Local accounts should only be used

  
HI Im getting this error when trying to set a new Service account for my performance point services. SharePoint is installed in a single server enviroment. I can´t get a new service account configured and I think this is causing my server to run slowly. Any help would be highly appreciated thanks

Hyphens in domain names get trimmed from account names in user profiles

  
We've been trying to launch an internal deployment of SharePoint 2010 MySites but we've run in to a problem with the user profile import. We've reviewed all of the relevant guidance and have been able to complete an import successfully, but all of the characters before a hyphen in our domain name are getting truncated from the imported username. To illustrate:   PREFIX-BLAH\tristan.watkins becomes BLAH\tristan.watkins after it is imported. When I log in, a new user profile is created for PREFIX-BLAH\tristan.watkins and all of the imported profile data is useless, since it is associated with a non-existent BLAH\tristan.watkins.   I'm assuming this is an issue with the beta version of Forefront Identity Manager 2010 that shipped with SharePoint 2010 beta, but I can't find any information suggesting this is a known issue and for all I know it may actually be a SharePoint issue rather than a problem with FIM. For what it's worth, this was not a problem in SharePoint 2007. Can anyone help?

Same server farm administrator domain account for both Intranet and Internet Sharepoint site?

  
Hello,   We are planning to setup 2 streams of architecture for both Intranet and Internet web sites. Just wondering whether there is any best practices/security concerns if we are using the same domain account as the Server Farm Administrator for both Intranet and Internet platform?   Thanks,

How to change the System Account into Domain Administrator account in Sharepoint?

  
I'm attaching the captured image from the Central Admin of our Sharepoint Server. (http://www.experts-exchange.com/images/346242/Central-Admin.jpg) As you can see from the Central Admin image, the user account shown is "System Account", in whereas I logged in as our Domain Administrator. Then when you check it's info from My Settings, the details from the captured image System Account Info was shown. ( http://www.experts-exchange.com/images/346243/System-Account-Info.jpg) How can I change it as be DOMAIN\Administrator & not SHAREPOINT\system or System Account? Please advise...  

User Profile Synchronization: Name of user account / id uses wrong Netbios domain name?!

  
I've got an interesting situation: I've got a domain e.g. FOOBAR.FI. The Netbios domain is due to historical reasons BARFOO. When I use UPS to import accounts from the FOOBAR.FI domain, the user account names in SharePoint are given the id of FOOBAR\<useraccount>. This works so and so. Users are identified and My Sites is fine. However the organizational chart and other fields where you can specify another user don't work as they should. If the manager is specified from AD, the organizational chart works. However, if I edit a profile and check the manager, it's in the form of FOOBAR\<useraccount>. SharePoint highlights this and a tooltip says that the account cannot be found. As a suggestion, it gives BARFOO\<useraccount>, which is found from the AD. All fine and dandy, until you check the organizational chart, which turns out to be empty at this point. This is because in SharePoint there's no user with the name BARFOO\<useraccount>, but only those FOOBAR\<useraccount> users who've been imported from the AD. So bottom line question is: How does UPS select and set the user account name?

What Domain Account should be used for C2WTS in SharePoint 2010?

  

I have installed a brand new farm, Sharepoint 2010 Standard on Windows 2008 R2.  I've configured Kerberos for SQL and SharePoint (verified that Kerberos is working with SQL and SharePoint Central Administration).  This is the start of our company's SharePoint experience (full-blown anyways, I've used WSS 2.0 and played with 3.0 in the past).

The TechNet documentation suggests that if this is a new SharePoint farm, to use Claims-Based Authentication from the start on Web Applications.  It's also suggested to use a domain account to run the C2WTS service.

My question is what domain account should be used for the C2WTS service?  I've already got many service accounts for different parts of SharePoint, and I wasn't sure if the C2WTS needed a special account as well, since there needs to be SPNs set on it.  Can I just use an existing account, and make sure the delegations are set right, or do I need to create a new account for just the C2WTS service?


Error during installation of SQL Server 2005 when typing the domain account

  

I am installing SQL Server 2005 on a server (Windows Server Enterprise Edition 2003 SP2) that is not domain controller and on the screen "Service Account" I checked the box "Customize for each service account" and typed a domain account (it has permission to "logon as a service"), its password and domain, and when I click the "Next" button, I am getting the error below:

"SQL Server Setup could not validate the service accounts. Either the service accounts have not been provided for all of the services being installed, or the specified username or password is incorrect. For each service, specify a valid username, password, and domain, or specify a built-in system account. "

What's happening? Why is this error occurring? What I have to do for this error does not occur?

Thanks for any help me to solve this problem

(Note : Excuse me because my English isn't very good !)

 


Error during installation of SQL Server 2005 when typing the domain account

  

I am installing SQL Server 2005 on a server (Windows Server Enterprise Edition 2003 SP2) that is not domain controller and on the screen "Service Account" I checked the box "Customize for each service account" and typed a domain account (it has permission to "logon as a service"), its password and domain, and when I click the "Next" button, I am getting the error below:

"SQL Server Setup could not validate the service accounts. Either the service accounts have not been provided for all of the services being installed, or the specified username or password is incorrect. For each service, specify a valid username, password, and domain, or specify a built-in system account. "

What's happening? Why is this error occurring? What I have to do for this error does not occur?

Thanks for any help me to solve this problem

 


How can I replace domain user accounts with a general database account?

  
Hi,

How can I replace domain user accounts with a general database account?

thnks,
Gok

Sharepoint Search Server Express 2008 can not index external domain fileshare with valid account

  

Since i have understood that sharepoint 2008 search express doesn't do any security trimming i am trying to index an external fileshare (on a non trusted domain) with it. After authenticating with the external domain account I can manually access all the files in that share i need to. Sharepoint 2008 search express somehow is unable to use the crawl rule in which i specified a different content access account (which is the external domain account).It continuously gives the error "Access is denied. Check that the Default Content Access Account has access to this content, or add a crawl rule to crawl this content."

Exactly the same configuration works fine with sharepoint search server 2010, but that does do security trimming and because of the share being completely external my users could't see any search results.

Any suggestions?



User Profile working, but domain in the Account Name field is incorrect

  

Profile import is working with a small set of users from just one OU. The synchronization connection has a Forest Name of "corp.mycompany.com", just like in our current profile settings in MOSS 07.

However, the user profiles created are listed with "corp" as the domain, not "mycompany".

E.g. my profile Account Name shows "corp\eriehl", but it should be "mycompany\eriehl".

How do I update this reserved property to contain the correct value for our domain?


with out domain name how to create an email account like aqeel.com

  

i would like to create an email which is like an web id example aqeel.com . please confirm


Domain account from SQL box needs to access file share on DMZ server

  

We have a web server set up on the DMZ that talks to a SQL 2005 server on the company domain.

The issue is, we are trying to install this CMS engine that requires a domain account from the SQL server to access a share on the web server that is in the DMZ. 

Is there a way to trust a domain account to have access to a share on the DMZ server?  I have heard of "read only" and one way trusts.  Is that secure and if so how would we go about setting that up?

Basically I want to avoid at all costs of putting the SQL Server on the DMZ server but need a seamless way to access a file share from the trusted SQL Server.


Categories: 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend