I'm developing a web app that performs Active Directory updates using LDAP . When I host the app on an IIS 7, I get the Access is denied
error at the statement directoryEntry.CommitChanges();
.
Then I found out that the application pool is using the identity "IIS APPPOOL\\ASP.NET v4.0" to perform the update.
I need the window's account of the user who is using the web application to be the identity of the application pool.
I have done the following:
But haven't still got it to work.
the concept you are looking for is called Impersonation
from the documentation :
In my case with this configuration it logs with active directory account and the result of System.Security.Principal.WindowsIdentity.GetCurrent().Name is the authenticated session
<identity impersonate="true"/>
<authentication mode="Windows">
<forms name="Login" loginUrl="Login.aspx" path="/" timeout="10"/>
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.