question

VBAnjalyExt-1614 avatar image
0 Votes"
VBAnjalyExt-1614 asked SamWu-MSFT commented

Windows authentication with impersonation false is not working in windows 2008 server

Hi,

My application is hosted in two different Windows 2008 servers (which are Quality and Production).

In the Quality server, "Windows authentication and impersonation false" is working fine.
But in Production server "Windows authentication and impersonation false" is throwing error.

Why do the same application hosted in two different Windows 2008 servers behave differently with "Windows authentication and impersonation false" configurations?


Kindly help me.

Thanks
Anjaly V B

windows-serverwindows-server-iis
· 5
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Do I need to consider any other Impersonation configurations in IIS or Windows server when I use identity impersonation = false in my web.config file?

0 Votes 0 ·

But in Production server "Windows authentication and impersonation false" is throwing error.

What is the error message?

0 Votes 0 ·

Application is an MVC ASP.NET 4.0 application.

CustomError is turned Off and still I am not able to view the error in my browser when I run the application.

CustomError mode is changed to RemoteOnly, but still I am not able to see error in browser. Please help on how to view error in browser



0 Votes 0 ·

Try setting it to just "on". Also check the IIS log files.

0 Votes 0 ·

@VBAnjalyExt-1614 The problem may be caused by the cache, you can set the authPersistNonNTLM="True" and authPersistSingleRequest="False" in iis setting. If you still can’t solve the problem, you need to post detailed information about the error.

0 Votes 0 ·

1 Answer

jiayaozhu-MSFT avatar image
0 Votes"
jiayaozhu-MSFT answered VBAnjalyExt-1614 commented

Hi,

Thank you for your posting!

Based on your descriptions, you can try to do it in the web.config file:

<identity impersonate="false"/>

In addition, since I have little information on how you configurated and how you failed in this configuration, you can refer your own practice to this article:

https://docs.microsoft.com/en-us/aspnet/core/security/authentication/windowsauth?view=aspnetcore-5.0&tabs=visual-studio#impersonation

Thank you for your support!

Best regards
Joan


If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

My application is an ASP.NET 4.0 MVC application. In my web.config file, I was already having <identity impersonate="true"/> with "Windows" authentication and custom error mode "off".

Changing the impersonation as <identity impersonate="false"/> is working perfectly fine in quality windows 2008 server, but the same is throwing error in production windows 2008 server.

I want impersonation to be disabled in my application. Did I miss disabling any other configurations in IIS or server for disabling impersonation?

Please help.



0 Votes 0 ·