Click here to Skip to main content
15,867,965 members
Please Sign up or sign in to vote.
1.00/5 (2 votes)
See more:
I have one asp.net site which internally run one application.when i open the task manager it shown that process with user default application pool,but my application not run properly.

In identity set as application pool identity.IF i put user which administrative right in application pool identity then it works fine.

But question is i have lots of user and remote user that accessing that website.
So other than custom user if anyone open that site cannot run internal application successfully.

Can i add network service to adminstative user group to access that site suuccfullly is t this corect soltuion.

Thanksssssss
Posted
Comments
Philippe Mori 29-Dec-15 19:33pm    
Why would you need administrative rights?
Mangesh9692 30-Dec-15 3:56am    
Because it open internal app which require administrative rights.

Plz find below discussion for details

thanks
Philippe Mori 30-Dec-15 8:09am    
Then why those application requires administrative rigths? In most situations, this does not make any senses. A web server should not be able to make any system changes! By the way most application should not need those rights beyond installations.

You should rewrote those applications so they works with standard rights.
Mangesh9692 30-Dec-15 8:27am    
i give u details of scenario

1)I configured user in identity of app pool which have admin rights and accessed site,that time it open one another third party app succussfully also that app also perform their task successfully. (Note i logon that machine with same user name and password as configured)
2)When i logon same machine with different user which also have admin rights it open site and internal app successfully but app does not perform its specified task.

this my exact problem.....
Philippe Mori 30-Dec-15 8:52am    
You should seriously ask yourself why those applications need those right. For example, ensure that those applications use files and folder for which they have access.

You should also ask yourself if the application should run as a specific user or as the logged in user.

We cannot figure out for you why the application fails... However, this is very suspicious that this application need administrative rights.

1 solution

When you access your website from browser in your network then you need to it in trusted site zone and additionally you need to turned ON anonymous access to get website access by any user in your LAN
to switch it ON see below snippet
Enable Anonymous access in IIS[^]

Basically in your case, your application open some other application which needs authentication right ? so why don't you try with local Administrator user with Identity Impersonate tag
add below web.config
XML
<system.web>
  <authentication mode="Windows"></authentication>
  <identity password="bar" username="foo" impersonate="true"></identity>
</system.web>
 
Share this answer
 
v2
Comments
Mangesh9692 29-Dec-15 1:53am    
thanks for response.I already set anonymous authentication to enable. My question is internal application which opened by my website always require administrative rights, which identity setting in application poool solve my problem.
koolprasad2003 29-Dec-15 2:12am    
I have update my solution, just try it
Mangesh9692 29-Dec-15 2:27am    
hi Prasad, i already set above configuration.But my website some time used on another machine with other account using ip.

And other thing other internal application opened successfully,it dont ask username n password,but it dont run successfully.like when we open cmd.exe with user which dont have rights.

eg \\45.53.533.\my website.aspx
koolprasad2003 29-Dec-15 4:47am    
so your internal application work but with low rights right ? I think you need to create some permanent user with 'Admin' rights and can continue with IMPERSONATE it
Mangesh9692 29-Dec-15 6:17am    
Currently this is working on local computer but
what happened when user accessed that site on another machine using ip address/site.aspx

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900