[RESOLVED] Impersonate Problems

[MagellanTX]

I have an application that retrieves services from a remote machine and if I run the page from the web server everything works. If I run the page from anywhere else it dies with a permissions error.

It always dies at ServiceProcess.ServiceController.GetServices(remoteMachine)

In my web.config, I do have the impersonate set to true and the authentication is set to Windows.

In IIS, the anonymous connections are disabled and when you browse to the ASPx application it does prompt you for your credentials.

I have been logging the identities at each step of my code and it does show the correct username and says it’s authenticated but the code still bombs out.

I’ve even tried using impersonation via code.

vb.net Code:

'Setup the impersonation
        Dim IC As System.Security.Principal.WindowsImpersonationContext = Nothing
        Dim WI As System.Security.Principal.WindowsIdentity = CType(User.Identity, System.Security.Principal.WindowsIdentity)
        IC = WI.Impersonate
        ...
        ...
        ...
        IC.Undo

The strange thing is that in the web.config if I specify a username/password the applications works perfectly. However, I can’t use this as a fix because I need to use the credentials of the user logged on to the web page.

My next approach was to use API calls to duplicate a user token but I don’t really want implement that much code if there is a simpler way to get this working the way it should.

Any help is appreciated!!

[MagellanTX]

When I was developing this application I researched impersonation to make sure it would work before I started coding. In all the Microsoft documentation out there not once did I find any blurb that says "Windows authentication cannot be passed from one server to another (a double-hop scenario)"