鉴于以下设想:
- Windows 2008 R2 x64 web server with IIS 7.5, Server 1
- Windows 2003 R2 x64 file server, Server 2
- MVC 3 application with Windows authentication and impersonation (authenticated user)
- Configured Server 1 as
Trusted computer for delegationin Active directory - Internet Explorer 8
在申请中,用户有可能上载档案。 这一载荷必须在<>Server 2上保存。 在《法典》中,我们开辟了通往Server 2的道路,并拯救了这条道路。
public ActionResult Upload(HttpPostedFileBase file)
{
var savedDirectory = "\PathToServer2";
if (Directory.Exists(savedDirectory))
{
file.SaveAs(savedFileName);
}
else
{
Directory.CreateDirectory(savedDirectory);
file.SaveAs(savedFileName);
}
return RedirectToAction("Action", "Controller", new { id = 1 });
}
We installed the application on Server 1 and test it locally on Server 1, everything went fine. Files are uploaded to Server 2 no issues there.
When we test the same scenario from a client desktop we get an error saying that there is not enough permissions to save the file on Server 2.
一次丝网会议向我们展示了Server 1 <>/strong> 并非冒犯,因为在上认证用户。 服务器2是空的/匿名的。
Impersonation as Specific User instead of Authenticated User
我们没有获得假冒服务,因此我们设立了一个服务账户,并配置了与这一条相容的申请:<代码>特定用户<>代码/代码>,而不是<编码>用户<>。 该服务账户是个域账户,在
当我们试图上载时,服务账户没有当地文件夹的许可,我们从那里卸下文件。
Delegation
我们通过,通过p.net mvc了解,我们需要为代表团信任Server 1。
After we trusted Server 1 for delegation: still no permissions to save the file on Server 2. We tried this both with impersonation as Authenticated User en Specific user
- Impersonation as
Authenticated Userwith delegation not working: not enough permissions on Server 2 - Impersonation as
Specific Usernot working: not enough permissions on the Local folder
Do we miss something here? Do we need extra steps for delegation?