Information générale
Titre:
More IIS account impersonation psychosis
Win2000 server and IIS5. Does anybody know the strategy that IIS follows with respect to running under IWAM vs IUSR, and which identity it chooses to bestow upon COM objects and DLLs when it invokes them?
For years, we have been using the legacy VFP ODBC driver (vfpodbc.dll) within an ASP app. With some experimentation, it was easy to determine that this DLL was running as IWAM. Recently, we created a VFP COM MTDLL that is also invoked by the same asp app. We registered the MTDLL on the target server with the regsvr32 utility. That's all we did. Again, just from some experimentation, we know that the COM MTDLL assumes the IUSR identity when invoked by IIS. Why this schizophrenia? Beats me. And now, for some reason, after registering the MTDLL, vfpodbc also is assuming the IUSR identity instead of the IWAM identity that it had for years. That breaks our app in some legacy portions of code where on disk, dbf access is granted only to IWAM and not to IUSR.
There are easy workarounds, but I've been urinated off about this kind of thing more than once in the past. Can somebody please explain what is going on? Thanks very much.
Répondre
Voir le fil de ce thread
Voir le fil de ce thread à partir de ce message seulement
Voir tous les messages de ce thread
Voir tous les messages de ce thread à partir de ce message seulement