COMSecurity
Programmer
Hi
Setup:
- AD Domain Controller on machine #1
- IIS/COM+ on machine #2 belonging to the same domain
- SQL Server on machine #3 belonging to the same domain
Settings:
- All users are authenticated against AD
- IIS web server:
- Basic Authentication
- Application setting - Medium (Pooled)
- COM+ Server Application:
- In Security tab, impersonation is set to 'Identify'
- In Identity tab, the account is running under AppAccount (that is setup in AD) and NOT as 'Interactive User'.
Problem:
In order for the application to work the first time, I have to logon into machine #2 using AppAccount (in AD Domain). If not, the application does not work giving the message "Automation Error - Logon Failure - Invalid user name or bad password".
But after logging into the machine #2 using AppAccount for the first time, the application continues to work for any other authenticated user account in AD as long as any of the following does not happen:
- IIS is restarted
- COM+ is restarted or
- Machine #2 is rebooted.
If any of them happen, I again need to login in using AppAccount into machine #2. This creates major issues in a production environment.
Has anyone run into this issue before. Any suggestions are also appreciated. Thanks.
Setup:
- AD Domain Controller on machine #1
- IIS/COM+ on machine #2 belonging to the same domain
- SQL Server on machine #3 belonging to the same domain
Settings:
- All users are authenticated against AD
- IIS web server:
- Basic Authentication
- Application setting - Medium (Pooled)
- COM+ Server Application:
- In Security tab, impersonation is set to 'Identify'
- In Identity tab, the account is running under AppAccount (that is setup in AD) and NOT as 'Interactive User'.
Problem:
In order for the application to work the first time, I have to logon into machine #2 using AppAccount (in AD Domain). If not, the application does not work giving the message "Automation Error - Logon Failure - Invalid user name or bad password".
But after logging into the machine #2 using AppAccount for the first time, the application continues to work for any other authenticated user account in AD as long as any of the following does not happen:
- IIS is restarted
- COM+ is restarted or
- Machine #2 is rebooted.
If any of them happen, I again need to login in using AppAccount into machine #2. This creates major issues in a production environment.
Has anyone run into this issue before. Any suggestions are also appreciated. Thanks.