NT Authentication

[kloner]

Hi all,

I have 2 x Webservers (A + B).

A - Hosts one file which reads a directory and returns a temp file name I need.

B - The main webserver that hosts the application.

Problem : I am using winhttp object to call a page on 'B' from 'A'.
Because we have 2000/NT security, the page on 'A' the file doesn't run correctly and I get permission denied. This is because I am not putting in the username/password/domain in the popup box (because the file is called via xml.load).

Answer I need? How do you pass the user/password/domain in ASP? So we can go and run the file straight away?


kloner

 

[kloner]

Sorry I posted this twice, had no idea the first one went.
kloner

 

[petey2K]

Each webserver runs with an account that has no network credentials. If you call machine A "NT_A" then IIS runs as "IUSR_NT_A" (or something close). As a result, it has no credentials to get to the files on machine B.

Through IIS Manager, you can do things like have asp code in some directory run under an account in the domain (that way it has domain credentials, but be very careful with locking down that account). You can also have the web server run as a domain user too (quite dangerous as it can be hacked to run amok in your system). Or, you can force a logon by the user, and run things with their access levels.

Get a book on IIS and security, also get all the books your local store has on Hacking (so you know what holes in your system you are potentially creating). Read them.

NT security issues can be very frustrating.