Impersonation is enabled

  • Article

The information in this article applies to:

  • Visual Studio Team Foundation Server 2010

  • Windows Server 2003 and Windows Server 2008 

  • SQL Server 2008

  • Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007

  • Servers that host the application tier for Team Foundation Server and SharePoint Products

  • Team Foundation Server Complete Health check

  • Team Foundation Server Framework Health Check

  • SharePoint Products Health check

The Best Practices Analyzer tool for Team Foundation Server checks the configuration files for the Web sites and virtual directories for Team Foundation Server and the .NET Framework for the application-tier server. An error appears if ASP.NET impersonation has been enabled for a virtual directory or Web site. The error contains the path of the configuration file and the name of the computer where the error was found.

Note

Impersonation is supported for SharePoint Products.

Impersonation should not be enabled for any Web site or virtual directory for Team Foundation or on the application-tier server for Team Foundation. If you use impersonation in ASP.NET applications, they can run in the context of the client. For more information, see the following page on the Microsoft Web site: ASP.NET Impersonation.

When impersonation is enabled, any user who does not have a login account defined in SQL Server will receive login errors for SQL Server services. Users might also experience connectivity issues for Team Explorer. To resolve this issue, you must open the configuration file that the error specifies and disable impersonation.

Required Permissions

To perform these procedures, you must be a member of the Administrators security group on the application-tier server for Team Foundation.

To disable impersonation in Windows Server 2003

  1. Log on to the server that the error message names.

  2. Open Windows Explorer, and locate the path that the error specifies.

  3. For Web.config files, perform the following steps:

    1. Open the file in Notepad or an XML text editor.

    2. Locate the following text string:

      <identity impersonate="true" />

    3. Change the value from "true" to "false" or remove the line.

    4. Save and close the file.

  4. For server-level configuration files:

    1. Locate the .NETFrameworkRuntimeInstallPath\Config directory.

      On computers that are running Windows Server 2003, the default location of this directory is Drive:\WINNT\Microsoft.NET\Framework\v2.0.50727\CONFIG.

    2. Open the machine.config file in Notepad or an XML text editor.

    3. Perform steps 3b through 3d.

To disable impersonation in Windows Server 2008

  1. Log on to the server that the error message names.

  2. Open the Start menu, point to Administrative Tools, right-click Internet Information Services (IIS) Manager, and then click Run as administrator.

  3. In the Connections pane, expand the local computer, and expand Sites.

  4. Click the name of the Web site that the warning specifies (for example, Team Foundation Server).

  5. In the Features View pane, double-click Authentication.

  6. Right-click ASP.NET Impersonation, and then click Disable.

  7. To disable impersonation at the server level:

    1. In the Connections pane, click the name of the local computer.

    2. In the Features View pane, double-click Authentication.

    3. Right-click ASP.NET Impersonation, and then click Disable.

See Also

Tasks

A web.config file for the application-tier server is not configured correctly

Other Resources

Web Services Issues