>We are being forced to develop ASP with VFP COM objects. We need to access data on another machine.
>I'm not that familiar with Impersonation, so let me take a stab at it.
>
>Do we need to set the Interactive User as an account which has access to the data on the other machine in DCOMCNFG?
>
>Does this open up security risks? Do we need to use RevertToSelf or ImpersonateClient to close this security loophole?
>
>TIA
Under the directory security tab in Internet Services Manager, specify a "domain" account for the anonymous account (Make sure this account has the correct rights to the database server). By default IIS gives anonymous access to the local Iuser_machine account.
Tim Westmoreland
Software Engineer
Skyline Technologies, Inc.
"Upper classes are a nation's past; the middle class is its future." - Ayn Rand, Russian-born author (1905-1982).